CVE-2023-22360

CVSS V2 None CVSS V3 None
Description
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
Overview
  • CVE ID
  • CVE-2023-22360
  • Assigner
  • vultures@jpcert.or.jp
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-13T02:21:07
  • Last Modified Date
  • 2023-02-27T17:26:46
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:jtekt:screen_creator_advance_2:*:*:*:*:*:*:*:* 1 OR 0.1.1.4
cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01:*:*:*:*:*:* 1 OR
References
Reference URL Reference Tags
https://jvn.jp/en/vu/JVNVU98917488/ Patch Third Party Advisory VDB Entry
https://www.electronics.jtekt.co.jp/en/topics/202302035233/ Patch Vendor Advisory
https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/ Patch Vendor Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 07:36:22 Added to TrackCVE
2023-04-17 07:36:23 Weakness Enumeration new