» 2021 » 7월

CVE-2021-34315

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34315

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing SGI files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13356)

Source: CVE-2021-34315

CVE-2021-34316

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34316

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The DL180CoolType.dll library in affected applications lacks proper validation of user-supplied data when
parsing PDF files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13380)

Source: CVE-2021-34316

CVE-2021-34319

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34319

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing SGI files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13404)

Source: CVE-2021-34319

CVE-2021-34318

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34318

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing PCT files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13403)

Source: CVE-2021-34318

CVE-2021-34323

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34323

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when
parsing JT files. This could result in an out of bounds write past the end of an allocated structure.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13419)

Source: CVE-2021-34323

CVE-2021-34322

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34322

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when
parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to leak information in the context of the current process.
(ZDI-CAN-13416)

Source: CVE-2021-34322

CVE-2021-34325

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34325

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when
parsing JT files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to leak information in the context of the current process.
(ZDI-CAN-13421)

Source: CVE-2021-34325

CVE-2021-34324

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34324

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13420)

Source: CVE-2021-34324

CVE-2021-34326

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34326

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when
parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer.
An attacker could leverage this vulnerability to execute code in the context of the current process.
(ZDI-CAN-13422)

Source: CVE-2021-34326

CVE-2021-34321

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-34321

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The VisDraw.dll library in affected applications lacks proper validation of user-supplied data when
parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer.
An attacker could leverage this vulnerability to leak information in the context of the current process.
(ZDI-CAN-13414)

Source: CVE-2021-34321