Francis Provencher

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of TIF files due to the lack of proper validation of user-supplied data, resulting in a read past the end of an allocated object. An attacker can leverage this, in conjunction with other issues, to execute arbitrary code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley View version 10.15.0.75 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of SKP files due to the lack of validating the existence of an object prior to performing operations on it. An attacker can leverage this to execute code in the context of the current process. Recommendations: For Bentley View version 10.15.0.75, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley View version 10.15.0.75 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of PDF files, where crafted data can trigger a write past the end of an allocated buffer, allowing an attacker to execute code in the context of the current process. Recommendations: For version 10.15.0.75, consider disabling the PDF parsing functionality until a patch is available. Restrict access to malicious PDF files to minimize the risk of exploitation. Avoid opening untrusted PDF files with Bentley View until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley View version 10.15.0.75 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the processing of 3DS files due to the lack of proper validation of user-supplied data, resulting in a memory corruption condition. An attacker can leverage this to execute code in the context of the current process. Recommendations: For Bentley View version 10.15.0.75, as a temporary workaround, consider restricting the processing of 3DS files until a patch is available. Avoid opening malicious files or visiting malicious pages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley View version 10.15.0.75 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of BMP files due to the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this to execute code in the context of the current process. Recommendations: For Bentley View version 10.15.0.75, as a temporary workaround, consider restricting the parsing of BMP files until a patch is available. Avoid opening malicious files or visiting untrusted websites to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley ContextCapture version 10.18.0.232 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of OBJ files due to the lack of proper validation of user-supplied data, resulting in a read past the end of an allocated buffer. An attacker can leverage this, in conjunction with other issues, to execute arbitrary code in the context of the current process. Recommendations: For version 10.18.0.232, consider disabling the OBJ file parsing functionality until a patch is available to prevent exploitation. Restrict access to the OBJ file parser to minimize the risk of information disclosure. Avoid using user-supplied data in the OBJ file parsing process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bentley ContextCapture version 10.18.0.232 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of OBJ files due to the lack of proper validation of user-supplied data, resulting in a read past the end of an allocated buffer. An attacker can leverage this, in conjunction with other issues, to execute arbitrary code in the context of the current process. Recommendations: For version 10.18.0.232, consider disabling the OBJ file parsing functionality until a patch is available to prevent exploitation. Restrict access to malicious pages or files to minimize the risk of sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact Classic Automation Worx Software Suite versions 1.87 and below **Description** The issue concerns a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to remote code execution when unallocated memory is freed due to incompletely initialized data. An attacker needs access to an original bus configuration file (`*.bcp`) to manipulate data inside. After manipulation, the attacker must exchange the original file with the manipulated one on the application programming workstation. This could compromise the availability, integrity, or confidentiality of an application programming workstation. Automated systems in operation programmed with the mentioned products are not affected. **Recommendations** For Phoenix Contact Classic Automation Worx Software Suite versions 1.87 and below, consider restricting access to the `*.bcp` files to minimize the risk of exploitation. As a temporary workaround, limit the ability to exchange original files with manipulated ones on the application programming workstation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simcenter Femap versions prior to 2020.2.MP3 Simcenter Femap versions prior to 2021.1.MP3 **Description** A vulnerability has been identified in the `femap.exe` application, which lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. **Recommendations** For Simcenter Femap versions prior to 2020.2.MP3, update to version 2020.2.MP3 or later. For Simcenter Femap versions prior to 2021.1.MP3, update to version 2021.1.MP3 or later.

**Name of the Vulnerable Software and Affected Versions** Simcenter Femap versions prior to 2020.2.MP3 Simcenter Femap versions prior to 2021.1.MP3 **Description** A vulnerability has been identified in the `femap.exe` application, which lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. **Recommendations** For Simcenter Femap versions prior to 2020.2.MP3, update to version 2020.2.MP3 or later. For Simcenter Femap versions prior to 2021.1.MP3, update to version 2021.1.MP3 or later.

**Name of the Vulnerable Software and Affected Versions** Simcenter STAR-CCM+ Viewer versions prior to V2021.2.1 **Description** The issue is related to a buffer overflow when parsing SCE format files, which could allow an attacker to execute arbitrary code or cause a denial of service by using a specially crafted file. The starview+.exe application lacks proper validation of user-supplied data when parsing scene files, resulting in an out of bounds write past the end of an allocated structure. **Recommendations** For versions prior to V2021.2.1, update to version V2021.2.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the starview+.exe application until a patch is applied. Avoid using the application to parse untrusted or unknown SCE format files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Tecnomatix Plant Simulation versions prior to V16.0.5 **Description** A vulnerability has been identified in the PlantSimCore.dll library, which lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack-based buffer overflow, allowing an attacker to execute code in the context of the current process. **Recommendations** For versions prior to V16.0.5, update to version V16.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to SPP files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Foxit Studio Photo version 3.6.6.931 **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of ARW files due to the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated data structure, allowing an attacker to execute code in the context of the current process. **Recommendations** For Foxit Studio Photo version 3.6.6.931, consider disabling the ARW file parsing functionality until a patch is available to prevent exploitation. Restrict access to potentially malicious files and websites to minimize the risk of remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Foxit Studio Photo version 3.6.6.931 **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of CMP files due to the lack of proper initialization of memory prior to accessing it. An attacker can leverage this to execute code in the context of the current process. **Recommendations** For Foxit Studio Photo version 3.6.6.931, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the parsing of CMP files until a patch is available. Avoid opening malicious files or visiting malicious pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Foxit Studio Photo version 3.6.6.931 **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the handling of PSP files due to the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this to execute code in the context of the current process. **Recommendations** For Foxit Studio Photo version 3.6.6.931, consider disabling the handling of PSP files until a patch is available to prevent exploitation. Restrict access to potentially malicious pages or files to minimize the risk of remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Solid Edge SE2020 versions prior to SE2020MP13 Solid Edge SE2020 versions prior to SE2020MP14 Solid Edge SE2021 versions prior to SE2021MP4 **Description** A vulnerability has been identified in affected applications due to a lack of proper validation of user-supplied data when parsing PAR files, potentially resulting in a stack-based buffer overflow. This could allow an attacker to execute code in the context of the current process. **Recommendations** For Solid Edge SE2020 versions prior to SE2020MP13, update to SE2020MP13 or later. For Solid Edge SE2020 versions prior to SE2020MP14, update to SE2020MP14 or later. For Solid Edge SE2021 versions prior to SE2021MP4, update to SE2021MP4 or later.

**Name of the Vulnerable Software and Affected Versions** Solid Edge SE2020 versions prior to SE2020MP13 Solid Edge SE2020 versions prior to SE2020MP14 Solid Edge SE2021 versions prior to SE2021MP4 **Description** A vulnerability has been identified in affected applications due to a lack of proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure, allowing an attacker to execute code in the context of the current process. **Recommendations** For Solid Edge SE2020 versions prior to SE2020MP13, update to SE2020MP13 or later. For Solid Edge SE2020 versions prior to SE2020MP14, update to SE2020MP14 or later. For Solid Edge SE2021 versions prior to SE2021MP4, update to SE2021MP4 or later.

Name of the Vulnerable Software and Affected Versions: Autodesk FBX Review versions 1.5.0 and prior Autodesk FBX Review version 1.4.0 Description: The issue is related to an Out-Of-Bounds Read/Write vulnerability in the FBX file parsing functionality. This vulnerability may lead to code execution or information disclosure through maliciously crafted DLL files. Recommendations: For Autodesk FBX Review versions 1.5.0 and prior, update to a version later than 1.5.0 to resolve the issue. For Autodesk FBX Review version 1.4.0, update to a version later than 1.4.0 to resolve the issue. As a temporary workaround, consider restricting the use of maliciously crafted DLL files until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Adobe Bridge versions 10.1.1 and earlier Adobe Bridge versions 11.0.1 and earlier **Description** The issue is related to an out-of-bounds write vulnerability in Adobe Bridge when parsing a specially crafted file. This can allow a remote attacker to execute arbitrary code in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious file. **Recommendations** For Adobe Bridge versions 10.1.1 and earlier, update to a version later than 10.1.1 to resolve the issue. For Adobe Bridge versions 11.0.1 and earlier, update to a version later than 11.0.1 to resolve the issue. As a temporary workaround, consider avoiding the use of Adobe Bridge to open files from untrusted sources until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Adobe Bridge versions 10.1.1 and earlier Adobe Bridge versions 11.0.1 and earlier **Description** The issue is related to a memory corruption vulnerability when parsing a specially crafted file, which can allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. **Recommendations** For Adobe Bridge versions 10.1.1 and earlier, update to a version later than 10.1.1 to resolve the issue. For Adobe Bridge versions 11.0.1 and earlier, update to a version later than 11.0.1 to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted files that could trigger the memory corruption vulnerability until a patch is available.