Lucene search

SiemensCVELIST:CVE-2021-44009

HistoryDec 14, 2021 - 12:06 p.m.

CVE-2021-44009

2021-12-1412:06:46

CWE-125

siemens

www.cve.org

vulnerability

jt2go

teamcenter visualization

out of bounds read

tiff files

information leak

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

26.6%

JSON

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.

CNA Affected

[
  {
    "product": "JT2Go",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.2.0.5"
      }
    ]
  },
  {
    "product": "Teamcenter Visualization",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V13.2.0.5"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf