CVE-2022-39144 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
A vulnerability has been identified in Parasolid V33.1 (All versions V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 V33.1.263), Parasolid V34.0 (All versions V34.0.252), Parasolid V34.1 (All versions V34.1.242), Parasolid V35.0 (All versions V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 V35.0.164), Simcenter Femap V2022.1 (All versions V2022.1.3), Simcenter Femap V2022.2 (All versions V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494) An input validation flaw was found in the Apache Struts 2 component. This issue could occur when using the file upload feature. A maliciously crafted file uploaded to an affected Apache Struts 2 application could cause the application to execute arbitrary code. (ZDI-17-5232) An input validation flaw was found in the Apache Struts 2 component. This issue could occur when using the file upload feature. A maliciously crafted
References: ZDI-CAN-17494
ZDI-17-5232
Product description CVE-2022-39144
A vulnerability has been identified in Parasolid V33.1 (All versions V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 V33.1.263), Parasolid V34.0 (All versions V34.0.252), Parasolid V34.1 (All versions V34.1.242), Parasolid V35.0 (All versions V35.0.161), Parasolid V35.0 (All versions >=V35.0,161 V35,0,164), Simcenter Femap V2022 .2( All versions V2022 .2 .2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files . This could allow an attacker to execute code in the context of the current process .(ZDI-CAN-17494) An input validation flaw was found in the Apache Struts 2 component . This issue could occur when using the file upload feature . A maliciously crafted file uploaded to an affected Apache Struts 2 application could cause the application to execute arbitrary code.(ZDI-17-5232) An input validation flaw was found in the Apache Struts 2 component . This issue could occur when using the file upload feature . A maliciously crafted
Timeline
Published on: 09/13/2022 10:15:00 UTC
Last modified on: 09/13/2022 15:13:00 UTC