Siemens Jt Utilities vulnerabilities

CVE-2021-44439 [HIGH] CWE-125 CVE-2021-44439: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the cu

CVE-2021-44450 [HIGH] CWE-125 CVE-2021-44450: A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZD

CVE-2021-44440 [HIGH] CWE-119 CVE-2021-44440: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912)

CVE-2021-44449 [HIGH] CWE-787 CVE-2021-44449: A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-

CVE-2021-44435 [HIGH] CWE-121 CVE-2021-44435: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14903)

CVE-2021-44431 [LOW] CWE-125 CVE-2021-44431: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the cur

CVE-2021-44436 [LOW] CWE-125 CVE-2021-44436: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the cur

CVE-2021-44448 [LOW] CWE-125 CVE-2021-44448: A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI

CVE-2021-44444 [LOW] CWE-125 CVE-2021-44444: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the cur

CVE-2021-33714 [MEDIUM] CWE-476 CVE-2021-33714: A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing special A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

CVE-2021-33715 [MEDIUM] CWE-476 CVE-2021-33715: A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing special A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-S

CVE-2021-33713 [MEDIUM] CWE-688 CVE-2021-33713: A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing special A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a hash function is called with an incorrect argument leading the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.