---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Right Hemisphere Products U3D Parsing Array Indexing Vulnerability SECUNIA ADVISORY ID: SA37165 VERIFY ADVISORY: http://secunia.com/advisories/37165/ DESCRIPTION: A vulnerability has been discovered in multiple Right Hemisphere products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an array indexing error in the 3difr.x3d plugin. This can be exploited to potentially corrupt memory via a specially crafted U3D file. This is related to vulnerability #7 in: SA36983 The vulnerability is confirmed in Deep Exploration CAD Edition trial version 6.0.0.5908 and Deep View version 6.0.0.5899. Other products and versions may also be affected. SOLUTION: Do not process untrusted U3D files. PROVIDED AND/OR DISCOVERED BY: Felipe Andres Manzano ORIGINAL ADVISORY: http://sites.google.com/site/felipeandresmanzano/ OTHER REFERENCES: SA36983: http://secunia.com/advisories/36983/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------