CVE-2022-2950 in HyperView Playerinfo

Summary

by MITRE • 12/14/2022

Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

08/22/2022

Disclosure

12/14/2022

Moderation

accepted

Entry

VDB-210449

CPE

ready

CWE

CWE-908 (confirmed)

CVSS

6.3 (VulDB)

EPSS

0.00304

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-2950
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-2950
CVE Details	https://www.cvedetails.com/cve/CVE-2022-2950/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!