CVE-2021-44445
published 2021-12-14CVE-2021-44445: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15054)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | jt_open_toolkit | < 11.1.1.0 | 11.1.1.0 |
| siemens | jt_utilities | < 13.1.1.0 | 13.1.1.0 |
| siemens | jt_utilities | — | — |
| siemens | jttk | — | — |