exploitDog

CVE-2022-32239

Опубликовано: 14 июн. 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Ссылки

https://launchpad.support.sap.com/#/notes/3206271
Permissions Required
Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory
https://launchpad.support.sap.com/#/notes/3206271
Permissions Required
Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*

Версия до 9.0 (включая)

EPSS

Процентиль: 35%

0.00143

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-6w3h-rrf8-8m66

CVSS3: 3.3

github

больше 3 лет назад

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

EPSS

Процентиль: 35%

0.00143

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20