CVE-2024-48423

An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
References
Link Resource
https://github.com/assimp/assimp/issues/5788 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:assimp:assimp:5.4.3:*:*:*:*:*:*:*

History

05 Nov 2024, 17:54

Type Values Removed Values Added
First Time Assimp
Assimp assimp
References () https://github.com/assimp/assimp/issues/5788 - () https://github.com/assimp/assimp/issues/5788 - Exploit, Issue Tracking, Third Party Advisory
CPE cpe:2.3:a:assimp:assimp:5.4.3:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-416

25 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) Un problema en assimp v.5.4.3 permite a un atacante local ejecutar código arbitrario a través de la función CallbackToLogRedirector dentro de la librería Assimp.

24 Oct 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-24 21:15

Updated : 2024-11-21 09:40


NVD link : CVE-2024-48423

Mitre link : CVE-2024-48423

CVE.ORG link : CVE-2024-48423


JSON object : View

Products Affected

assimp

  • assimp
CWE
CWE-416

Use After Free