Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-2950 | 1 Altair | 1 Hyperview Player | 2024-02-04 | N/A | 7.8 HIGH |
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption. | |||||
CVE-2022-2947 | 1 Altair | 1 Hyperview Player | 2024-02-04 | N/A | 7.8 HIGH |
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation. | |||||
CVE-2022-2949 | 1 Altair | 1 Hyperview Player | 2024-02-04 | N/A | 7.8 HIGH |
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption. | |||||
CVE-2022-2951 | 1 Altair | 1 Hyperview Player | 2024-02-04 | N/A | 7.8 HIGH |
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption. |