CVE-2024-47438
published 2024-11-12CVE-2024-47438: Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure of sensitive memory content. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | substance3d_painter | <= 10.1.0 | — |
| adobe | substance_3d_painter | < 10.1.1 | 10.1.1 |