Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-23-268HistoryMar 16, 2023 - 12:00 a.m.
Adobe Dimension GLTF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-03-1600:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
13
adobe dimension
gltf files
parsing vulnerability
remote code execution
EPSS
0.001
Percentile
41.4%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLTF files. Crafted data in a GLTF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cnvd
cnvd
Adobe Dimension out-of-bounds write vulnerability (CNVD-2023-21650)
2023-03-17 00:00:00
prion
prion
Cross site scripting
2023-03-28 20:15:00
nvd
nvd
CVE-2023-25880
2023-03-28 20:15:11
cve
cve
CVE-2023-25880
2023-03-28 20:15:11
cvelist
cvelist
nessus
nessus
Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20)
2023-03-16 00:00:00
Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)
2023-03-16 00:00:00
adobe
adobe
APSB23-20 : Security update available for Adobe Dimension
2023-03-14 00:00:00