CVE-2024-37996
published 2024-07-09CVE-2024-37996: A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter…
medium4.8CVSS 4.0
AVLACLATNPRNUIPVCNVINVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions < V14.2.0.13), Teamcenter Visualization V14.3 (All versions < V14.3.0.11), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0003). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XML files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | jt2go | < V2406.0003 | V2406.0003 |
| siemens | jt_open | < V11.5 | V11.5 |
| siemens | plm_xml_sdk | < V7.1.0.014 | V7.1.0.014 |
| siemens | teamcenter_visualization_v14.2 | < V14.2.0.13 | V14.2.0.13 |
| siemens | teamcenter_visualization_v14.3 | < V14.3.0.11 | V14.3.0.11 |
| siemens | teamcenter_visualization_v2312 | < V2312.0008 | V2312.0008 |
| siemens | teamcenter_visualization_v2406 | < V2406.0003 | V2406.0003 |