CVE-2025-3158
Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Eine kritische Schwachstelle wurde in Open Asset Import Library Assimp 5.4.3 entdeckt. Hierbei geht es um die Funktion Assimp::LWO::AnimResolver::UpdateAnimRangeSetup der Datei code/AssetLib/LWO/LWOAnimation.cpp der Komponente LWO File Handler. Durch Beeinflussen mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur öffentlichen Verfügung.
| 2025-04-03: | Advisory disclosed |
| 2025-04-03: | VulDB entry created |
| 2025-04-03: | VulDB entry last update |
d3ng03 (VulDB User)
vuldb.com/?id.303104 (VDB-303104 | Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow)
vuldb.com/?ctiid.303104 (VDB-303104 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/?submit.542246 (Submit #542246 | Open Asset Import Library Assimp >=5.4.3 Heap-based Buffer Overflow)
github.com/assimp/assimp/issues/6023
github.com/assimp/assimp/issues/6023
Support options
