CVE-2021-38405

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:13.3.0:*:*:*:*:*:*:*

History

30 Nov 2023, 05:39

Type Values Removed Values Added
First Time Siemens teamcenter Visualization
Siemens
Siemens jt2go
References () https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07 - () https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07 - Third Party Advisory, US Government Resource
References () https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf - Vendor Advisory
CPE cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:13.3.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*
CWE CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

21 Nov 2023, 20:31

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-21 19:15

Updated : 2024-02-28 20:54


NVD link : CVE-2021-38405

Mitre link : CVE-2021-38405

CVE.ORG link : CVE-2021-38405


JSON object : View

Products Affected

siemens

  • jt2go
  • teamcenter_visualization
CWE
CWE-787

Out-of-bounds Write

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer