CVE-2025-2757
Open Asset Import Library Assimp MD5 File MD5Parser.cpp AI_MD5_PARSE_STRING_IN_QUOTATION heap-based overflow
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Open Asset Import Library Assimp MD5 File MD5Parser.cpp AI_MD5_PARSE_STRING_IN_QUOTATION heap-based overflow
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument data leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
In Open Asset Import Library Assimp 5.4.3 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Betroffen ist die Funktion AI_MD5_PARSE_STRING_IN_QUOTATION der Datei code/AssetLib/MD5/MD5Parser.cpp der Komponente MD5 File Handler. Dank Manipulation des Arguments data mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
| 2025-03-24: | Advisory disclosed |
| 2025-03-24: | VulDB entry created |
| 2025-03-24: | VulDB entry last update |
d3ng03 (VulDB User)
vuldb.com/?id.300862 (VDB-300862 | Open Asset Import Library Assimp MD5 File MD5Parser.cpp AI_MD5_PARSE_STRING_IN_QUOTATION heap-based overflow)
vuldb.com/?ctiid.300862 (VDB-300862 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/?submit.517817 (Submit #517817 | Open Asset Import Library Assimp >=5.4.3 Heap-based Buffer Overflow)
github.com/assimp/assimp/issues/6019
github.com/assimp/assimp/issues/6019
Support options
