A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2023-09-12T09:32:20.160Z
Updated: 2023-11-14T11:03:28.851Z
Reserved: 2023-07-12T13:18:53.823Z
Link: CVE-2023-38076
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T10:15:28.727
Modified: 2024-02-16T15:14:58.027
Link: CVE-2023-38076
JSON object: View
Redhat Information
No data.