CVE-2022-3160

CVSS V2 None CVSS V3 None
Description
The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
Overview
  • CVE ID
  • CVE-2022-3160
  • Assigner
  • ics-cert@hq.dhs.gov
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-13T01:15:09
  • Last Modified Date
  • 2023-01-23T18:33:58
Weakness Enumerations
CWE URL
CWE-787 http://cwe.mitre.org/data/definitions/787.html
CWE-122 http://cwe.mitre.org/data/definitions/122.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:* 1 OR 14.1.0.5
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* 1 OR 13.3.0 13.3.0.8
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* 1 OR 14.0 14.0.0.4
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* 1 OR 14.1 14.1.0.5
References
Reference URL Reference Tags
https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json
https://cert-portal.siemens.com/productcert/html/ssa-360681.html
https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-15
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-3160
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3160
History
Created Old Value New Value Data Type Notes
2023-01-13 02:14:10 Added to TrackCVE
2023-01-13 02:14:10 Weakness Enumeration new
2023-01-13 05:15:15 2023-01-13T05:12:35 CVE Modified Date updated
2023-01-13 05:15:15 Received Awaiting Analysis Vulnerability Status updated
2023-01-19 16:15:18 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-23 19:13:59 2023-01-23T18:33:58 CVE Modified Date updated
2023-01-23 19:13:59 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-23 19:14:02 Weakness Enumeration update
2023-01-23 19:14:04 CPE Information updated