RSS   Vulnerabilities for 'Keyshot'   RSS

2021-02-23
 
CVE-2021-22651

CWE-22
 

 
When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders.

 
 
CVE-2021-22649

CWE-476
 

 
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code.

 
 
CVE-2021-22647

CWE-787
 

 
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code.

 
 
CVE-2021-22645

NVD-CWE-Other
 

 

 
 
CVE-2021-22643

CWE-125
 

 
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.

 

 >>> Vendor: Luxion 4 Products
Keyshot
Keyshot network rendering
Keyshot viewer
Keyvr


Copyright 2021, cxsecurity.com

 

Back to Top