CVE-2024-34086

Name of the Vulnerable Software and Affected Versions JT2Go versions prior to V2312.0001 Teamcenter Visualization V14.1 versions prior to V14.1.0.13 Teamcenter Visualization V14.2 versions prior to V14.2.0.10 Teamcenter Visualization V14.3 versions prior to V14.3.0.7 Teamcenter Visualization V2312 versions prior to V2312.0001

Description The issue is related to an out of bounds write vulnerability when parsing a specially crafted CGM file. This could allow an attacker to execute code in the context of the current process. The vulnerability is associated with a buffer overflow in memory, which can be exploited using specially crafted CGM files, potentially allowing an attacker to execute arbitrary code.

Recommendations For JT2Go versions prior to V2312.0001, update to version V2312.0001 or later. For Teamcenter Visualization V14.1 versions prior to V14.1.0.13, update to version V14.1.0.13 or later. For Teamcenter Visualization V14.2 versions prior to V14.2.0.10, update to version V14.2.0.10 or later. For Teamcenter Visualization V14.3 versions prior to V14.3.0.7, update to version V14.3.0.7 or later. For Teamcenter Visualization V2312 versions prior to V2312.0001, update to version V2312.0001 or later.