Lucene search

SiemensCVELIST:CVE-2021-44008

HistoryDec 14, 2021 - 12:06 p.m.

CVE-2021-44008

2021-12-1412:06:45

CWE-125

siemens

www.cve.org

jt2go

teamcenter visualization

tiff files

out of bounds read

information leak

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

26.6%

JSON

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.

CNA Affected

[
  {
    "product": "JT2Go",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.2.0.5"
      }
    ]
  },
  {
    "product": "Teamcenter Visualization",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.2.0.5"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf