CVE-2024-31980
published 2024-05-14CVE-2024-31980: A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.210), Parasolid V36.1 (All versions <…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.210), Parasolid V36.1 (All versions < V36.1.185). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T part file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-23468)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | parasolid | >= 35.1 < 35.1.256 | 35.1.256 |
| siemens | parasolid | >= 36.0 < 36.0.210 | 36.0.210 |
| siemens | parasolid | >= 36.1 < 36.1.185 | 36.1.185 |
| siemens | parasolid_v35.1 | < V35.1.256 | V35.1.256 |
| siemens | parasolid_v36.0 | < V36.0.210 | V36.0.210 |
| siemens | parasolid_v36.1 | < V36.1.185 | V36.1.185 |