CVE-2022-29030
20.05.2022, 13:15
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.Enginsight
| Vendor | Product | Version |
|---|---|---|
| siemens | jt2go | 𝑥 < 13.3.0.3 |
| siemens | teamcenter_visualization | 13.3 ≤ 𝑥 < 13.3.0.3 |
| siemens | teamcenter_visualization | 14.0 ≤ 𝑥 < 14.0.0.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-680 - Integer Overflow to Buffer OverflowThe product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
- CWE-190 - Integer Overflow or WraparoundThe software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.