Vulnerabilities > CVE-2020-6155 - Out-of-bounds Write vulnerability in Pixar Openusd 20.05

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.

Vulnerable Configurations

Part Description Count
Application
Pixar
1

Common Weakness Enumeration (CWE)