CVE-2022-29925
First published: Tue Jun 14 2022(Updated: )
Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fujielectric V-sft | <6.1.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-29925.
What is the severity of CVE-2022-29925?
The severity of CVE-2022-29925 is high with a CVSS score of 7.8.
What is the affected software for CVE-2022-29925?
The affected software for CVE-2022-29925 is Fujielectric V-SFT versions prior to v6.1.6.0.
How does the vulnerability CVE-2022-29925 work?
CVE-2022-29925 is an access of uninitialized pointer vulnerability that exists in the simulator module contained in the graphic editor 'V-SFT'. An attacker can exploit this vulnerability by having a user open a specially crafted image file, which may allow them to obtain information and/or execute arbitrary code.
Are there any known fixes for CVE-2022-29925?
Yes, the vulnerability can be fixed by updating the Fujielectric V-SFT software to version v6.1.6.0 or later.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/fujielectric
- canonical/fujielectric v-sft