CVE-2020-26990

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing ASM files. A crafted ASM file could trigger a type confusion condition. An attacker could leverage...

CVE-2020-26989

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Solid Edge SE2020 All Versions SE2020MP12, Solid Edge SE2021 All Versions SE2021MP2, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of PAR files...

CVE-2020-26986

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this...

CVE-2020-26990

CVE-2020-26990 affects Siemens JT2Go and Teamcenter Visualization (all versions before 13.1.0.1). The issue arises when parsing ASM files: user-supplied data may trigger a type confusion, enabling code execution in the context of the affected process. Connected advisories (ZDI-21-055, ICSA-21-040...

CVE-2020-26986

CVE-2020-26986 affects Siemens JT2Go and Teamcenter Visualization (all versions before 13.1.0). Affected applications fail to validate user-supplied data when parsing JT files, causing a heap-based buffer overflow that could enable code execution in the current process. Mitigation: update JT2Go a...

CVE-2020-26985

CVE-2020-26985 affects Siemens JT2Go and Teamcenter Visualization prior to v13.1.0. The vulnerability is a heap-based buffer overflow caused by insufficient validation of user-supplied data when parsing RGB and SGI files, allowing code execution in the context of the affected process. According t...

CVE-2020-26988

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in an out of bounds write past the end of an allocated structure. An...

CVE-2020-26991

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from untrusted source. An...

CVE-2020-26982

Siemens JT2Go and Teamcenter Visualization (versions before 13.1.0) are affected by CVE-2020-26982 due to improper validation when parsing CG4 and CGM files, causing out-of-bounds write and potential remote code execution in the process context (ZDI-11898). The issue part of a broader set of vuln...

CVE-2020-26985

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage thi...

CVE-2020-26991

Siemens JT2Go and Teamcenter Visualization are affected by CVE-2020-26991. All versions of JT2Go and Teamcenter Visualization prior to 13.1.0.2 do not validate user-supplied data when parsing ASM files, enabling pointer dereferences from untrusted sources and potential remote code execution in th...

CVE-2020-26987

Siemens JT2Go and Teamcenter Visualization (pre-13.1.0) contain a heap-based buffer overflow when parsing TGA files due to insufficient validation of user-supplied data. The issue can allow remote code execution in the context of the affected process. Public advisories (ZDI-21-059) describe the T...

CVE-2020-26983

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An...

CVE-2020-26984

CVE-2020-26984 affects Siemens JT2Go (all versions < 13.1.0) and Teamcenter Visualization (all versions

CVE-2020-26989

CVE-2020-26989 affects Siemens JT2Go (all versions

CVE-2020-26983

Siemens JT2Go and Teamcenter Visualization (JT2Go

CVE-2020-26988

Siemens JT2Go and Teamcenter Visualization (prior to v13.1.0) are impacted by CVE-2020-26988 and related PAR-file parsing flaws. The issue is an out-of-bounds write caused by improper validation of user-supplied data when parsing PAR files, enabling remote code execution in the affected process. ...

CVE-2020-26987

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could lead to a heap-based buffer overflow. An attacker could leverage this...

CVE-2020-26981

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the...

CVE-2020-26980

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing JT files. A crafted JT file could trigger a type confusion condition. An attacker could leverage this...