CVE-2020-6155
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Pixar | Pixar OpenUSD 20.05, Apple macOS Catalina 10.15.3 | affected |
Weaknesses
- CWE-122: CWE-122: Heap-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.