CVE-2021-34313
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing TIFF files. This could result in an out of bounds write past the fixed-length heap-based buffer.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13354)
Source: CVE-2021-34313
CVE-2021-34314
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing SGI files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13355)
Source: CVE-2021-34314
CVE-2021-34307
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to leak information in the context of the current process.
(ZDI-CAN-13343)
Source: CVE-2021-34307
CVE-2021-34304
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to leak information in the context of the current process.
(ZDI-CAN-13199)
Source: CVE-2021-34304
CVE-2021-34312
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing TIFF files. This could result in an out of bounds write past the fixed-length heap-based buffer.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13353)
Source: CVE-2021-34312
CVE-2021-34295
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing GIF files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13024)
Source: CVE-2021-34295
CVE-2021-33715
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
Source: CVE-2021-33715
CVE-2021-34293
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing GIF files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13020)
Source: CVE-2021-34293
CVE-2021-33714
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
Source: CVE-2021-33714
CVE-2021-34292
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-12959)
Source: CVE-2021-34292