user/plib: CVE-2012-4552: buffer overflow via crafted file
| Bugzilla ID | 171 |
| Alias(es) | CVE-2012-4552 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-08-03 00:38:46 -0500 |
| Modified | 2020-06-22 06:23:52 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/plib |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2012-4552 |
Description
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx
in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a
crafted 3d model file that triggers a long error message, as
demonstrated by a .ase file.