CVE-2023-35953
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsible for parsing comments within the geometric vertices section within an OFF file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| libigl | libigl | v2.4.0 | affected |
| libigl | libigl | v2.5.0 | affected |
Weaknesses
- CWE-121: CWE-121: Stack-based Buffer Overflow
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784
References
- https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.