CVE-2022-2950

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01	Patch Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01	Patch Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

cpe:2.3:a:altair:hyperview_player:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:01

Type	Values Removed	Values Added
Summary		(es) Las versiones 2021.1.0.27 y anteriores de Altair HyperView Player son afectados por el uso de una vulnerabilidad de memoria no inicializada durante el análisis de archivos H3D. Un DWORD se extrae de un búfer no inicializado y, después de la extensión del signo, se utiliza como índice en una variable de pila para incrementar un contador que provoca daños en la memoria.
References	~~() https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01 - Patch, Third Party Advisory, US Government Resource~~	() https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01 - Patch, Third Party Advisory, US Government Resource

Information

Published : 2022-12-13 21:15

Updated : 2024-11-21 07:01

NVD link : CVE-2022-2950

Mitre link : CVE-2022-2950

CVE.ORG link : CVE-2022-2950

JSON object : View

Products Affected

altair

hyperview_player

CWE

CWE-908

Use of Uninitialized Resource

{"id": "CVE-2022-2950", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-12-13T21:15:11.510", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-908"}]}], "descriptions": [{"lang": "en", "value": "\n\n\nAltair HyperView Player\u00a0versions 2021.1.0.27 and prior\u00a0are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.\n\n\n\n\n\n"}, {"lang": "es", "value": "Las versiones 2021.1.0.27 y anteriores de Altair HyperView Player son afectados por el uso de una vulnerabilidad de memoria no inicializada durante el an\u00e1lisis de archivos H3D. Un DWORD se extrae de un b\u00fafer no inicializado y, despu\u00e9s de la extensi\u00f3n del signo, se utiliza como \u00edndice en una variable de pila para incrementar un contador que provoca da\u00f1os en la memoria."}], "lastModified": "2024-11-21T07:01:58.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:altair:hyperview_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AB19D33-042C-437F-9872-73769D79311C", "versionEndIncluding": "2021.1.0.27"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}