CVE-2010-0280
EPSS 6.7%
描述
Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.
如何修補 CVE-2010-0280
要修補 CVE-2010-0280,請將受影響套件升級到下列已修補版本。
- Debian/lib3ds—升級至 1.3.0-5 或更新版本
- Debian/openscenegraph—升級至 2.8.0-1 或更新版本
CVE-2010-0280 正在被利用嗎?
中等 — EPSS 為 6.7%,可持續追蹤但非最高優先。
受影響套件(2)
- from 0, < 1.3.0-5
- from 0, < 2.8.0-1