Lucene search
RgodZDI-20-1246HistoryOct 14, 2020 - 12:00 a.m.
Microsoft 3D Viewer FBX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
2020-10-1400:00:00
rgod
www.zerodayinitiative.com
30
0.009 Low
EPSS
Percentile
82.6%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process at low integrity.
Related
mscve
mscve
Base3D Remote Code Execution Vulnerability
2020-10-13 07:00:00
prion
prion
Remote code execution
2020-10-16 23:15:00
nvd
nvd
CVE-2020-17003
2020-10-16 23:15:17
cvelist
cvelist
CVE-2020-17003 Base3D Remote Code Execution Vulnerability
2020-10-16 22:18:11
cve
cve
CVE-2020-17003
2020-10-16 23:15:17
nessus
nessus
Microsoft 3D Viewer Base3D Code Execution (October 2020)
2020-10-13 00:00:00
kaspersky
kaspersky
KLA11974 ACE vulnerabilities in Microsoft Apps
2020-10-13 00:00:00
threatpost
threatpost
October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug
2020-10-13 20:44:01