CVE-2023-49600

An out-of-bounds write vulnerability exists in the PlyFile ply_cast_ascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*

History

12 Feb 2025, 16:14

Type Values Removed Values Added
CPE cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*
First Time Libigl
Libigl libigl
CWE CWE-787
References () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - Exploit, Third Party Advisory
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - () https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - Exploit, Third Party Advisory

21 Nov 2024, 08:33

Type Values Removed Values Added
References () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - () https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879 -
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1879 - () https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1879 -

10 Jun 2024, 17:16

Type Values Removed Values Added
References
  • () https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1879 -
Summary
  • (es) Existe una vulnerabilidad de escritura fuera de los límites en la funcionalidad PlyFile ply_cast_ascii de libigl v2.5.0. Un archivo .ply especialmente manipulado puede provocar un desbordamiento del búfer del montón. Un atacante puede proporcionar un archivo malicioso para desencadenar esta vulnerabilidad.

28 May 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-28 14:15

Updated : 2025-02-12 16:14


NVD link : CVE-2023-49600

Mitre link : CVE-2023-49600

CVE.ORG link : CVE-2023-49600


JSON object : View

Products Affected

libigl

  • libigl
CWE
CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write