CVE-2021-34333
published 2021-07-13CVE-2021-34333: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in double free of an allocated buffer that leads to a crash. An attacker could leverage this vulnerability to cause denial of service condition. (CNVD-C-2021-79295)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | jt2go | < 13.2.0 | 13.2.0 |
| siemens | jt2go | — | — |
| siemens | teamcenter_visualization | < 13.2.0 | 13.2.0 |
| siemens | teamcenter_visualization | — | — |