CVE-2025-5165

MEDIUM Year: 2025
CVSS v3 Score
3.3
Low
CVSS v2 Score
1.7
Low
Weakness Type
CWE-119
View all →

Vulnerability Description

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Related Vulnerabilities

CVE-2016-1758

LOW
CVSS:3.3(Low)

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

CWE-1192016

CVE-2016-1790

LOW
CVSS:3.3(Low)

Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

CWE-1192016

CVE-2017-17293

LOW
CVSS:3.3(Low)

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, ...

CWE-1192017

CVE-2017-17321

LOW
CVSS:3.3(Low)

Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker cou...

CWE-1192017

CVE-2017-3020

LOW
CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.

CWE-1192017

CVE-2017-3029

LOW
CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.

CWE-1192017