Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.
Description: CWE-908 Use of Uninitialized Resource
Metrics
Version
Base score
Base severity
Vector
3.1
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version:3.1
Base score:7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Mitigation measures have been added to the latest version of HyperView Player v2022.1 https://altairone.com/Marketplace . Altair One recommends users apply the update to mitigate these vulnerabilities.
Configurations
Workarounds
Exploits
Credits
finder
Tran Van Khang of VinCSS working with Trend Micro Zero Day Initiative (ZDI) reported these vulnerabilities to CISA.