1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA200900321

Browse3D ".sfs" Processing Buffer Overflow Vulnerability

Report ID: SA200900321
Source: Secunia
Date of Discovery: 13.01.2009
Criticality: Urgent
Affects:
Browse3D 3.x
Compromise From: From remote
Compromise Type: System access

Summary

A vulnerability has been discovered in Browse3D, which potentially can be exploited by malicious people to compromise a user's system.

Detailed Description

The vulnerability is caused due to a boundary error when processing ".sfs" files and can be exploited to cause a stack-based buffer overflow.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in version 3.5. Other versions may also be affected.

Solution

Do not open untrusted ".sfs" files using the application.