Submit #517787: Open Asset Import Library Assimp >=5.4.3 Out-of-Bounds Readinfo

TitleOpen Asset Import Library Assimp >=5.4.3 Out-of-Bounds Read
DescriptionOut-of-bounds Read in Assimp::SceneCombiner::Copy. An attacker could potentially exploit the vulnerability to cause a remote code execution, if they can trick the victim into running assimp on a malformed LWS file.
Source⚠️ https://github.com/assimp/assimp/issues/6014
User
 d3ng03 (UID 82651)
Submission03/11/2025 04:41 (1 Year ago)
Moderation03/24/2025 17:49 (14 days later)
StatusAccepted
VulDB entry300858 [Open Asset Import Library Assimp 5.4.3 LWS File LWSLoader.cpp MergeScenes out-of-bounds]
Points17

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!