A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1094 | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-11-13 07:15
Updated : 2022-05-13 13:57
NVD link : CVE-2020-6149
Mitre link : CVE-2020-6149
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
pixar
- openusd