Vulnerabilities > CVE-2020-6149 - Out-of-bounds Write vulnerability in Pixar Openusd 20.05

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.

Vulnerable Configurations

Part Description Count
Application
Pixar
1

Common Weakness Enumeration (CWE)