Lucene search
HistoryJan 13, 2023 - 1:15 a.m.
CVE-2022-3160
apdfl.dll
out-of-bounds write
pdf parsing
attacker
code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
32.8%
The APDFL.dll contains an out-of-bounds write past the fixed-length
heap-based buffer while parsing specially crafted PDF files. This could
allow an attacker to execute code in the context of the current process.
Affected configurations
Node
siemensjt2goRange<14.1.0.5
ORsiemensteamcenter_visualizationRange13.3.0–13.3.0.8
ORsiemensteamcenter_visualizationRange14.0–14.0.0.4
ORsiemensteamcenter_visualizationRange14.1–14.1.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | jt2go | * | cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:* |
| siemens | teamcenter_visualization | * | cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* |
Related
cnvd
cnvd
cve
cve
CVE-2022-3160
2023-01-13 01:15:09
prion
prion
Heap overflow
2023-01-13 01:15:00
cvelist
cvelist
CVE-2022-3160
2023-01-13 00:16:30
ics
ics
Siemens Teamcenter Visualization and JT2Go
2022-12-15 12:00:00
nessus
nessus
Siemens JT2Go < 14.1.0.5 Multiple Vulnerabilities (SSA-360681)
2022-12-15 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
32.8%
Related for NVD:CVE-2022-3160