Vulnerability Details : CVE-2020-6149

CVE Name: CVE-2020-6149: Memory Corruption vulnerability on Pixar Openusd
Description: A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.
Publish date: 2020-11-13T15:15Z
Last Update: 2022-05-13T20:57Z

CVSS Scores & Vulnerability Types

CVSS Score
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH
Actack VectorLOCAL
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Vulnerability Type(s)Memory Corruption

Products Affected By CVE-2020-6149

# Vendor Product Vulnerable Versions
1 Pixar Openusd 1

Detail of Verions Affected

# Product Type Vendor Product Version
1 Application Pixar Openusd 20.05

References For CVE-2020-6149

Hyperlink Resource Exploit, Third Party Advisory