Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wb5p-ph3c-nqbu
Summary
Luxion KeyShot Viewer KSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22266.
Aliases
0
alias CVE-2024-5507
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5507
reference_id
reference_type
scores
0
value 0.03881
scoring_system epss
scoring_elements 0.88557
published_at 2026-06-14T12:55:00Z
1
value 0.03881
scoring_system epss
scoring_elements 0.88512
published_at 2026-06-11T12:55:00Z
2
value 0.03881
scoring_system epss
scoring_elements 0.88551
published_at 2026-06-12T12:55:00Z
3
value 0.03881
scoring_system epss
scoring_elements 0.88558
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5507
1
reference_url https://www.keyshot.com/csirt/
reference_id csirt
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T20:14:01Z/
url https://www.keyshot.com/csirt/
2
reference_url https://www.zerodayinitiative.com/advisories/ZDI-24-541/
reference_id ZDI-24-541
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T20:14:01Z/
url https://www.zerodayinitiative.com/advisories/ZDI-24-541/
Weaknesses
0
cwe_id 121
name Stack-based Buffer Overflow
description A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Exploits
Severity_range_score7.8 - 7.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wb5p-ph3c-nqbu