N/A

A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973)

N/A

使用未经初始化的指针

Siemens Simcenter Femap 缓冲区错误漏洞

Siemens Simcenter Femap是德国西门子（Siemens）公司的一款尖端工程学仿真应用程序。用于创建、编辑和导入/重用复杂产品或系统基于网格的有限元分析模型。 Simcenter Femap V2022.1.3之前版本、Simcenter Femap V2022.2.2之前版本存在缓冲区错误漏洞，该漏洞源于JTTK库在解析特制JT文件时容易受到未初始化指针引用漏洞的影响，攻击者可以利用此漏洞在当前进程的上下文中执行代码。

N/A

N/A