PT-2024-4793 · Siemens · Jt Open+3
Published: 2024-06-11 · Updated: 2024-10-08 · CVE-2024-37997
CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
JT Open versions prior to V11.5
JT2Go versions prior to V2406.0003
PLM XML SDK versions prior to V7.1.0.014
Teamcenter Visualization V14.2 versions prior to V14.2.0.13
Teamcenter Visualization V14.3 versions prior to V14.3.0.11
Teamcenter Visualization V2312 versions prior to V2312.0008
Teamcenter Visualization V2406 versions prior to V2406.0003
Description:
The issue is related to a stack-based overflow vulnerability that occurs when parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process by using a malicious XML file.
Recommendations:
For JT Open versions prior to V11.5, update to version V11.5 or later.
For JT2Go versions prior to V2406.0003, update to version V2406.0003 or later.
For PLM XML SDK versions prior to V7.1.0.014, update to version V7.1.0.014 or later.
For Teamcenter Visualization V14.2 versions prior to V14.2.0.13, update to version V14.2.0.13 or later.
For Teamcenter Visualization V14.3 versions prior to V14.3.0.11, update to version V14.3.0.11 or later.
For Teamcenter Visualization V2312 versions prior to V2312.0008, update to version V2312.0008 or later.
For Teamcenter Visualization V2406 versions prior to V2406.0003, update to version V2406.0003 or later.
Fix
Stack Overflow
Affected Products
Jt Open
Jt2Go
Plm Xml Sdk
Teamcenter Visualization