CVE-2023-30795

Name of the Vulnerable Software and Affected Versions JT Open versions prior to V11.4 JT Utilities versions prior to V13.4 Parasolid V34.0 versions prior to V34.0.253 Parasolid V34.1 versions prior to V34.1.243 Parasolid V35.0 versions prior to V35.0.177 Parasolid V35.1 versions prior to V35.1.073

Description The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. The issue is related to a buffer read beyond the allocated memory, which may enable an attacker to execute arbitrary code.

Recommendations For JT Open versions prior to V11.4, update to version V11.4 or later. For JT Utilities versions prior to V13.4, update to version V13.4 or later. For Parasolid V34.0 versions prior to V34.0.253, update to version V34.0.253 or later. For Parasolid V34.1 versions prior to V34.1.243, update to version V34.1.243 or later. For Parasolid V35.0 versions prior to V35.0.177, update to version V35.0.177 or later. For Parasolid V35.1 versions prior to V35.1.073, update to version V35.1.073 or later.