漏洞标题
N/A
漏洞描述信息
在以下版本的Teamcenter Visualization和Tecnomatix Plant Simulation软件中发现了一个漏洞:Teamcenter Visualization V14.3(所有低于V14.3.0.13的版本)、Teamcenter Visualization V2312(所有低于V2312.0009的版本)、Teamcenter Visualization V2406(所有低于V2406.0007的版本)、Teamcenter Visualization V2412(所有低于V2412.0002的版本)、Tecnomatix Plant Simulation V2302(所有低于V2302.0021的版本)以及Tecnomatix Plant Simulation V2404(所有低于V2404.0010的版本)。当这些受影响的应用程序解析特制的WRL文件时,会发生越界写入漏洞。这可能会使攻击者能够在当前进程的上下文中执行代码。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
漏洞类别
跨界内存写
漏洞标题
N/A
漏洞描述信息
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
跨界内存写