Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Convex 3D Stack-based Buffer Overflow Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Convex 3D
by:
Unknown
7.5
CVSS
HIGH
Stack-based buffer overflow
Buffer Overflow
CWE
Product Name: Convex 3D
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:convex:convex_3d
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Convex 3D Stack-based Buffer Overflow Vulnerability

The Convex 3D application is susceptible to a stack-based buffer overflow vulnerability. This vulnerability occurs due to a failure in checking the bounds of user-supplied image data before copying it into a fixed-size memory buffer. Remote attackers can exploit this vulnerability to alter the flow of execution of the application, potentially leading to the execution of attacker-supplied machine code within the context of the application.

Mitigation:

It is recommended to update Convex 3D to a patched version to mitigate this vulnerability. Additionally, users should exercise caution when opening image files from untrusted sources.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11995/info

It is reported that Convex 3D is susceptible to a stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly check the bounds of user-supplied image data prior to copying it into a fixed-size memory buffer.

This vulnerability allows remote attackers to alter the proper flow of execution of the application, potentially resulting in the execution of attacker-supplied machine code in the context of the application attempting to read a malicious file. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25007.zip

Navigation

Suggest Exploit

Services By CQR