A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1101 | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-11-13 07:15
Updated : 2022-05-13 13:57
NVD link : CVE-2020-6155
Mitre link : CVE-2020-6155
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
pixar
- openusd