ZDI has assigned the ID 17102 to this vulnerability. A number of software packages are vulnerable to code injection and remote code execution flaws including Ansys SpaceClaim, Ansoft ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, and Ansoft. SpaceClaim is a suite of software used to simulate the behavior of spacecraft in a virtual environment. To exploit the vulnerability, an attacker must convince the user to visit a malicious website or open a malicious file.
ZDI has received reports that the default installation of SpaceClaim contains a code injection and remote code execution flaw. The flaw is due to insufficient input validation by the application. An attacker can exploit this vulnerability to execute code in the context of the user’s browser.
Vulnerability Information
A code injection and remote code execution flaw exists in the default installation of SpaceClaim. This vulnerability is due to insufficient input validation by the application. An attacker can exploit this vulnerability to execute code in the context of the user’s browser.
This vulnerability has been assigned ID 17102 by ZDI.
Software Package Affected
Ansoft ANSYS, ANSYS, ANSYS, Ansoft ANSYS, ANSYS SpaceClaim have all been affected by this vulnerability.
Vulnerabilities found by Zignage Malware Detection
Zignage has recently found a number of vulnerabilities in the SpaceClaim suite of software. One vulnerability has been assigned the ID 17102 and is classified as a code injection and remote code execution flaw. Zignage has also found that SpaceClaim comes pre-installed with a file containing malicious JavaScript.
This vulnerability is triggered when the default installation of SpaceClaim contains insufficient input validation by the application. An attacker can exploit this vulnerability to execute code in the context of the user’s browser. Additional information about this vulnerability and instructions on how to patch it can be found at: http://www.zdi-inc.com/bugbounty/17102/.
Software Package Design
It is not recommended to install software from untrusted sources. The application should be updated to remove any malicious code that may have been installed during the installation process. It is also recommended to run a full scan for malware using an up-to-date version of antimalware software and keep the product updated with the latest security patches.
The SpaceClaim software package is vulnerable to code injection and remote code execution flaws, including Ansoft ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, and Ansoft. SpaceClaim is a suite of software used to simulate the behavior of spacecraft in a virtual environment. To exploit the vulnerability, an attacker must convince the user to visit a malicious website or open a malicious file.
Products Affected by CVE-2019-5997
Ansys SpaceClaim, Ansoft ANSYS, ANSYS, ANSYS, ANSYS, ANSYS, and Ansoft are vulnerable to code injection and remote code execution flaws.
The vulnerability was discovered by Claudio Bozzato of the University of San Francisco.
Timeline
Published on: 09/15/2022 16:15:00 UTC
Last modified on: 09/19/2022 18:25:00 UTC