CVE-2021-44007

Published: Dec 14, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an off-by-one error in the heap while parsing specially crafted TIFF files. This could allow an attacker to cause a denial-of-service condition.

Affected (2)

Products: Siemens: Jt2go, Teamcenter Visualization

2 products

Teamcenter Visualization

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Siemens Jt2go	Before 13.2.0.5
Siemens Teamcenter Visualization	Before 13.2.0.5

Related CWEs

Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

References (2)

https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf

Source: productcert@siemens.com

PatchVendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.