Description
An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Affected products
- ADMesh / ADMeshMaster Commit 767a105 – Master Commit 767a105
- ADMesh / ADMeshv0.98.4 – v0.98.4
- Slic3r / libslic3rMaster Commit b1a5500 – Master Commit b1a5500