Unity Web Player Heap Memory Corruption Vulnerability
BID:52116
Info
Unity Web Player Heap Memory Corruption Vulnerability
| Bugtraq ID: | 52116 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 22 2012 12:00AM |
| Updated: | Feb 22 2012 12:00AM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
Unity Unity Web Player 3.2.0.61061 |
| Not Vulnerable: | |
Discussion
Unity Web Player Heap Memory Corruption Vulnerability
Unity Web Player is prone to a heap-based memory-corruption vulnerability.
Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Unity Web Player 3.2.0.61061 and prior versions are vulnerable.
Unity Web Player is prone to a heap-based memory-corruption vulnerability.
Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Unity Web Player 3.2.0.61061 and prior versions are vulnerable.
Exploit / POC
Unity Web Player Heap Memory Corruption Vulnerability
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Solution / Fix
Unity Web Player Heap Memory Corruption Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Unity Web Player Heap Memory Corruption Vulnerability
References:
References:
- Unity 3D web player heap corruption (Luigi Auriemma)
- Unity Web Player Homepage (Unity)