Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-5015 | 1 Pixar | 1 Renderman | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A local privilege escalation vulnerability exists in the Mac OS X version of Pixar Renderman 22.3.0's Install Helper helper tool. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine for a successful exploit. | |||||
CVE-2018-4055 | 1 Pixar | 1 Renderman | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to successfully exploit this flaw. | |||||
CVE-2018-4054 | 1 Pixar | 1 Renderman | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine to successfully exploit this flaw. | |||||
CVE-2018-3841 | 1 Pixar | 1 Renderman | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT application is opened by a user and then listens for a connection on port 4001. An attacker can deliver an attack once the application has been opened. | |||||
CVE-2018-3840 | 1 Pixar | 1 Renderman | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x67). The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read by the application is not validated, and its use can lead to a null pointer dereference. The IT application is opened by a user and then listens for a connection on port 4001. An attacker can deliver an attack once the application has been opened. |