CVE-2024-40724

July 19, 2024, 1:01 p.m.

Product(s) Impacted

Assimp

before 5.4.2

Description

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.

Weaknesses

Date

Published: July 19, 2024, 8:15 a.m.

Last Modified: July 19, 2024, 1:01 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References

https://github.com/assimp/assimp/pull/5651/commits/614911bb3b1bfc3a1799ae2b3cca306270f3fb97

vultures@jpcert.or.jp

https://github.com/assimp/assimp/releases/tag/v5.4.2

vultures@jpcert.or.jp

https://jvn.jp/en/jp/JVN87710540/

vultures@jpcert.or.jp

CVE-2024-40724

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Undergoing Analysis

Source

References

Share