CVE-2022-2951

Summary

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.

Affected Software

VendorProductVersion RangeStatus
AltairHyperView Player0 <= 2021.1.0.27affected

Weaknesses

  • CWE-129: CWE-129 Improper Validation of Array Index

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References