Description

The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.

Related CPE's

a

siemens

jt2go

Vulnerable

a

siemens

teamcenter_visualization

3

References

https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json

Third Party Advisory

https://cert-portal.siemens.com/productcert/html/ssa-360681.html

PatchThird Party Advisory

https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-15

Third Party AdvisoryUS Government Resource

Weaknesses

[email protected]

Primary
CWE-787

[email protected]

Secondary
CWE-121

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-13T01:15:09.600

1 year ago

Last modified

2023-11-07T03:50:52.743

8 months ago