← Back

CVE-2023-1709

nvd nist
Published: Jun 7, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.

Affected (6)

Siemens
2 products
Jt2go
Teamcenter Visualization
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Jt2go
Before 14.2.0.2
Siemens
Teamcenter Visualization
From 13.2.0 to 13.2.0.13
Teamcenter Visualization
From 13.3.0 to 13.3.0.9
Teamcenter Visualization
From 14.0 to 14.0.0.5
Teamcenter Visualization
From 14.1 to 14.1.0.7
Teamcenter Visualization
From 14.2 to 14.2.0.2

Related CWEs

CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (6)

Source: ics-cert@hq.dhs.gov
Broken LinkVendor Advisory
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: ics-cert@hq.dhs.gov
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.