PT-2019-7810 · Canonical · Unity8
Published
2019-04-22
·
Updated
2020-07-14
·
CVE-2016-1573
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Unity8 versions prior to 8.11+16.04.20160122-0ubuntu1
Description
The issue allows execution of arbitrary code when a fallback image supplied by a scope is used in place of a legitimate image. This is due to a flaw in the file plugins/Dash/CardCreator.js.
Recommendations
For Unity8 versions prior to 8.11+16.04.20160122-0ubuntu1, consider restricting the use of the CardCreator.js file in the plugins/Dash directory until a patch is available. Avoid using the fallback image feature in the affected scope until the issue is resolved.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unity8