Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-23-1411HistorySep 12, 2023 - 12:00 a.m.
Microsoft 3D Builder PLY File Parsing Memory Corruption Remote Code Execution Vulnerability
2023-09-1200:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
9
microsoft 3d builder
ply file parsing
memory corruption
remote code execution
vulnerability
user interaction
improper validation
memory corruption condition
low integrity
current process
0.001 Low
EPSS
Percentile
45.3%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PLY files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process at low integrity.
Related
prion
prion
Remote code execution
2023-09-12 17:15:00
nvd
nvd
CVE-2023-36772
2023-09-12 17:15:13
vulnrichment
vulnrichment
CVE-2023-36772 3D Builder Remote Code Execution Vulnerability
2023-09-12 16:58:42
cve
cve
CVE-2023-36772
2023-09-12 17:15:13
zdi
zdi
mscve
mscve
3D Builder Remote Code Execution Vulnerability
2023-09-12 07:00:00
cnvd
cnvd
Microsoft 3D Builder Remote Code Execution Vulnerability (CNVD-2023-74908)
2023-09-15 00:00:00
cvelist
cvelist
CVE-2023-36772 3D Builder Remote Code Execution Vulnerability
2023-09-12 16:58:42
nessus
nessus
kaspersky
kaspersky
KLA60570 Multiple vulnerabilities in Microsoft Apps
2023-09-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2023
2023-09-12 22:55:55