CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-43279

An out-of-bounds write vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://www.opendesign.com/security-advisories
https://www.zerodayinitiative.com/advisories/ZDI-21-1337/
https://www.opendesign.com/security-advisories
https://www.zerodayinitiative.com/advisories/ZDI-21-1337/

Products affected by CVE-2021-43279

Opendesign » Oda Prc Software Development Kit » Version: Any

cpe:2.3:a:opendesign:oda_prc_software_development_kit:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-43279

Products

Pricing

Contact Us