Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-23-1412HistorySep 12, 2023 - 12:00 a.m.
Microsoft 3D Builder WRL File Parsing Memory Corruption Remote Code Execution Vulnerability
2023-09-1200:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
6
microsoft 3d builder
memory corruption
remote code execution
vulnerability
wrl file parsing
0.001 Low
EPSS
Percentile
45.2%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process at low integrity.
Related
prion
prion
Remote code execution
2023-09-12 17:15:00
zdi
zdi
nvd
nvd
CVE-2023-36772
2023-09-12 17:15:13
vulnrichment
vulnrichment
CVE-2023-36772 3D Builder Remote Code Execution Vulnerability
2023-09-12 16:58:42
cve
cve
CVE-2023-36772
2023-09-12 17:15:13
mscve
mscve
3D Builder Remote Code Execution Vulnerability
2023-09-12 07:00:00
cnvd
cnvd
Microsoft 3D Builder Remote Code Execution Vulnerability (CNVD-2023-74908)
2023-09-15 00:00:00
cvelist
cvelist
CVE-2023-36772 3D Builder Remote Code Execution Vulnerability
2023-09-12 16:58:42
nessus
nessus
kaspersky
kaspersky
KLA60570 Multiple vulnerabilities in Microsoft Apps
2023-09-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2023
2023-09-12 22:55:55