漏洞标题
N/A
漏洞描述信息
在Teamcenter Visualization V14.3(所有低于V14.3.0.13的版本)、Teamcenter Visualization V2312(所有低于V2312.0009的版本)、Teamcenter Visualization V2406(所有低于V2406.0007的版本)、Teamcenter Visualization V2412(所有低于V2412.0002的版本)、Tecnomatix Plant Simulation V2302(所有低于V2302.0021的版本)、Tecnomatix Plant Simulation V2404(所有低于V2404.0010的版本)中发现了一个漏洞。受影响的应用程序在解析特制的WRL文件时,可能触发使用已释放的内存的漏洞。攻击者可以利用此漏洞在当前进程中执行代码。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
漏洞类别
不恰当的资源关闭或释放
漏洞标题
N/A
漏洞描述信息
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files.
An attacker could leverage this vulnerability to execute code in the context of the current process.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
释放后使用