Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-75cg-g4f4-h9c2

Опубликовано: 13 июн. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

Ссылки

EPSS

Процентиль: 20%
0.00066
Низкий

7.8 High

CVSS3

CVE ID

CVE-2023-33124

Дефекты

CWE-119
CWE-787

Связанные уязвимости

nvd логотип

CVE-2023-33124

CVSS3: 7.8
nvd
больше 2 лет назад

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

fstec логотип

BDU:2023-03455

CVSS3: 7.8
fstec
больше 2 лет назад

Уязвимость инструмента для просмотра 3D JT JT2Go и системы управления жизненным циклом продукции Teamcenter Visualization, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 20%
0.00066
Низкий

7.8 High

CVSS3

CVE ID

CVE-2023-33124

Дефекты

CWE-119
CWE-787