Lucene search
HistoryJun 07, 2023 - 9:15 p.m.
CVE-2023-1709
datalogics library
apdfl
buffer overflow
vulnerability
corrupted fonts
rendering process
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
20.3%
Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.
Affected configurations
Node
siemensjt2goRange<14.2.0.2
ORsiemensteamcenter_visualizationRange13.2.0–13.2.0.13
ORsiemensteamcenter_visualizationRange13.3.0–13.3.0.9
ORsiemensteamcenter_visualizationRange14.0–14.0.0.5
ORsiemensteamcenter_visualizationRange14.1–14.1.0.7
ORsiemensteamcenter_visualizationRange14.2–14.2.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | jt2go | * | cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:* |
| siemens | teamcenter_visualization | * | cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* |
Related
ics
ics
Datalogics Library Third-Party
2023-06-13 12:00:00
Siemens Teamcenter Visualization and JT2Go
2023-04-13 12:00:00
prion
prion
Stack overflow
2023-06-07 21:15:00
cve
cve
CVE-2023-1709
2023-06-07 21:15:12
cvelist
cvelist
CVE-2023-1709 Datalogics Library APDFL Stack-based Buffer Overflow
2023-06-07 20:36:05
nessus
nessus
Siemens JT2Go < 14.2.0.2 Code Execution (SSA-629917)
2023-04-20 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
20.3%
Related for NVD:CVE-2023-1709