CVE-2021-44445

Name of the Vulnerable Software and Affected Versions: JT Utilities versions prior to 13.1.1.0 JTTK versions prior to 11.1.1.0

Description: A vulnerability has been identified in the JTTK library of affected products, which contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

Recommendations: For JT Utilities versions prior to 13.1.1.0, update to version 13.1.1.0 or later. For JTTK versions prior to 11.1.1.0, update to version 11.1.1.0 or later. As a temporary workaround, consider restricting the use of the JTTK library until a patch is available.