Search criteria
6 vulnerabilities found for unity_editor by unity3d
FKIE_CVE-2019-9197
Vulnerability from fkie_nvd - Published: 2019-12-31 17:15 - Updated: 2024-11-21 04:51
Severity
Summary
The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://unity3d.com/security#CVE-2019-9197 | Mitigation, Patch, Vendor Advisory | |
| cve@mitre.org | https://www.zerodayinitiative.com/advisories/ZDI-19-252/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://unity3d.com/security#CVE-2019-9197 | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-19-252/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unity3d | unity_editor | * | |
| unity3d | unity_editor | * | |
| unity3d | unity_editor | * | |
| unity3d | unity_editor | * | |
| unity3d | unity_editor | * | |
| unity3d | unity_editor | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B033FA94-032F-4DBF-84C9-0147DBFF5A19",
"versionEndExcluding": "5.6.7f1",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB0C8BC-3DB2-462F-9A58-9EE6771CCF6D",
"versionEndExcluding": "2017.4.22f1",
"versionStartIncluding": "2017.4.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4747C1-2C09-43ED-ABE7-892A015DCBA2",
"versionEndExcluding": "2018.2.21f1",
"versionStartIncluding": "2018.2.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE2C5CF-AC37-4526-B9ED-5AA9D9C0A078",
"versionEndExcluding": "2018.3.7f1",
"versionStartIncluding": "2018.3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3ACB0F-F1CE-462F-9201-61B083B7B803",
"versionEndExcluding": "2019.1.0b5",
"versionStartIncluding": "2019.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA3B66C-4A63-4973-AE4C-2EAAC0A72311",
"versionEndExcluding": "2019.2.0a7",
"versionStartIncluding": "2019.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "El controlador de protocolo de com.unity3d.kharma en Unity Editor versi\u00f3n 2018.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2019-9197",
"lastModified": "2024-11-21T04:51:11.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-31T17:15:10.943",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-12939
Vulnerability from fkie_nvd - Published: 2017-08-18 13:29 - Updated: 2026-05-13 00:24
Severity
Summary
A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/100444 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://twitter.com/0x09AL/status/898635999185711108 | ||
| cve@mitre.org | https://unity3d.com/security#issues | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100444 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/0x09AL/status/898635999185711108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://unity3d.com/security#issues | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unity3d | unity_editor | 5.3.8 | |
| unity3d | unity_editor | 5.4.0 | |
| unity3d | unity_editor | 5.4.1 | |
| unity3d | unity_editor | 5.4.2 | |
| unity3d | unity_editor | 5.4.3 | |
| unity3d | unity_editor | 5.4.4 | |
| unity3d | unity_editor | 5.5.0 | |
| unity3d | unity_editor | 5.5.1 | |
| unity3d | unity_editor | 5.5.2 | |
| unity3d | unity_editor | 5.5.3 | |
| unity3d | unity_editor | 5.6.0 | |
| unity3d | unity_editor | 5.6.1 | |
| unity3d | unity_editor | 5.6.2 | |
| unity3d | unity_editor | 2017.1.0 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "077DD33E-1976-408D-A367-1BD9636FC35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B56F1E1A-1CBD-4129-8BC0-A54B5D645126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9A3DCD-FA91-4130-A3BC-9507236E7C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F50CC365-E2FC-4B1B-9CE2-5415399B9E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5F1B23-E1DE-4C2A-9395-75DD01C44822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8167AEDA-1318-45B9-BDB5-EC85AB7E803C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42BA0A2B-C527-4577-BEBD-EC3C929D977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54D733A3-EE69-4854-8044-1A45E6780B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5645267-E999-4C76-8829-3441F9D73D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2B16C1-005D-42A7-8287-09AEEC27644E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7336648E-EB60-4D97-8917-A638D5D4E716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "327D3584-9491-4E2B-86B3-DB0F9C752A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DA49F442-16D0-400F-A316-B8733BE4EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unity3d:unity_editor:2017.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09E2AD21-8E16-49E9-A956-5D11D5661AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en todas las versiones de Unity Editor para Windows. Por ejemplo, las anteriores a 5.3.8p2, 5.4.x anterior a 5.4.5p5, 5.5.x anterior a 5.5.4p3, 5.6.x anterior a 5.6.3p1 y 2017.x anterior a 2017.1.0p4."
}
],
"id": "CVE-2017-12939",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-18T13:29:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"source": "cve@mitre.org",
"url": "https://twitter.com/0x09AL/status/898635999185711108"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://unity3d.com/security#issues"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://twitter.com/0x09AL/status/898635999185711108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://unity3d.com/security#issues"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-9197 (GCVE-0-2019-9197)
Vulnerability from cvelistv5 – Published: 2019-12-31 16:30 – Updated: 2024-08-04 21:38
VLAI
Summary
The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://unity3d.com/security#CVE-2019-9197 | x_refsource_CONFIRM |
Date Public
2019-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:38:46.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-31T16:30:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"name": "https://unity3d.com/security#CVE-2019-9197",
"refsource": "CONFIRM",
"url": "https://unity3d.com/security#CVE-2019-9197"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9197",
"datePublished": "2019-12-31T16:30:02.000Z",
"dateReserved": "2019-02-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:38:46.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12939 (GCVE-0-2017-12939)
Vulnerability from cvelistv5 – Published: 2017-08-18 13:00 – Updated: 2024-08-05 18:51
VLAI
Summary
A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/100444 | vdb-entryx_refsource_BID |
| https://unity3d.com/security#issues | x_refsource_CONFIRM |
| https://twitter.com/0x09AL/status/898635999185711108 | x_refsource_MISC |
Date Public
2017-08-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:51:07.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://unity3d.com/security#issues"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-12T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://unity3d.com/security#issues"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100444"
},
{
"name": "https://unity3d.com/security#issues",
"refsource": "CONFIRM",
"url": "https://unity3d.com/security#issues"
},
{
"name": "https://twitter.com/0x09AL/status/898635999185711108",
"refsource": "MISC",
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12939",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-08-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:51:07.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9197 (GCVE-0-2019-9197)
Vulnerability from nvd – Published: 2019-12-31 16:30 – Updated: 2024-08-04 21:38
VLAI
Summary
The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://unity3d.com/security#CVE-2019-9197 | x_refsource_CONFIRM |
Date Public
2019-03-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:38:46.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-03-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-31T16:30:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://unity3d.com/security#CVE-2019-9197"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"name": "https://unity3d.com/security#CVE-2019-9197",
"refsource": "CONFIRM",
"url": "https://unity3d.com/security#CVE-2019-9197"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9197",
"datePublished": "2019-12-31T16:30:02.000Z",
"dateReserved": "2019-02-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:38:46.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12939 (GCVE-0-2017-12939)
Vulnerability from nvd – Published: 2017-08-18 13:00 – Updated: 2024-08-05 18:51
VLAI
Summary
A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/100444 | vdb-entryx_refsource_BID |
| https://unity3d.com/security#issues | x_refsource_CONFIRM |
| https://twitter.com/0x09AL/status/898635999185711108 | x_refsource_MISC |
Date Public
2017-08-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:51:07.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://unity3d.com/security#issues"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-12T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100444"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://unity3d.com/security#issues"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100444"
},
{
"name": "https://unity3d.com/security#issues",
"refsource": "CONFIRM",
"url": "https://unity3d.com/security#issues"
},
{
"name": "https://twitter.com/0x09AL/status/898635999185711108",
"refsource": "MISC",
"url": "https://twitter.com/0x09AL/status/898635999185711108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12939",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-08-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:51:07.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}