First published: Tue Dec 14 2021(Updated: )
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an off-by-one error in the heap while parsing specially crafted TIFF files. This could allow an attacker to cause a denial-of-service condition.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens JT2Go | <13.2.0.5 | |
Siemens Teamcenter Visualization | <13.2.0.5 | |
Siemens JT2Go | <13.2.0.5 | 13.2.0.5 |
Siemens Teamcenter Visualization | <13.2.0.5 | 13.2.0.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2021-44007.
All versions of JT2Go and Teamcenter Visualization prior to V13.2.0.5 are affected.
The severity of CVE-2021-44007 is medium, with a severity value of 5.5.
CVE-2021-44007 can cause a denial-of-service condition in the affected software.
Yes, upgrading to version V13.2.0.5 or later of JT2Go and Teamcenter Visualization will fix this vulnerability.