CVE-2022-2949

CVSS V2 None CVSS V3 None
Description
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.
Overview
  • CVE ID
  • CVE-2022-2949
  • Assigner
  • ics-cert@hq.dhs.gov
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-13T21:15:11
  • Last Modified Date
  • 2022-12-16T21:48:44
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:altair:hyperview_player:*:*:*:*:*:*:*:* 1 OR 2021.1.0.27
References
History
Created Old Value New Value Data Type Notes
2022-12-13 22:14:53 Added to TrackCVE
2022-12-14 14:15:15 2022-12-13T21:15:11.427 2022-12-13T21:15:11 CVE Published Date updated
2022-12-14 14:15:15 2022-12-14T14:09:58 CVE Modified Date updated
2022-12-14 14:15:15 Received Awaiting Analysis Vulnerability Status updated
2022-12-15 04:15:12 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-18 04:35:25 2022-12-16T21:48:44 CVE Modified Date updated
2022-12-18 04:35:25 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-18 04:35:38 CPE Information updated