Convex 3D readObjectChunk buffer overflow
| convex-3d-readobjectchunk-bo (18601) |  High Risk |
Description:
Convex 3D is vulnerable to a buffer overflow, caused by improper bounds checking in the readObjectChunk function in the 3dsimp.cpp file. By creating a specially-crafted 3DS file, a remote attacker could overflow a buffer and execute arbitrary code on the system with user privileges, once the file is processed.
Platforms Affected:
- 3D Foundry, Convex 3D 0.8pre1
Remedy:
No remedy available as of July 4, 2009.
Consequences:
Gain Access
References:
- Convex 3D Web page, Convex 3D at http://sourceforge.net/projects/convex3d/.
- University of Illinois Chicago Web site, Convex 3D 0.8pre1 readObjectChunk overflows objectname buffer at http://tigger.uic.edu/~jlongs2/holes/convex3d.txt.
- BID-11995: Convex 3D Buffer Overflow Vulnerability
- CVE-2004-1265: Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file.
Reported:
Dec 17, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net