CVE-2022-3159 Vulnerability Details

  /     /     /  

CVE-2022-3159 Metadata Quick Info

CVE Published: 13/01/2023 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: icscert | Vendor: Siemens  | Product: JT2Go
Status : PUBLISHED

---

CVE-2022-3159 Description

The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.

Metrics

CVSS Version: 3.1 | Base Score: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* REQUIRED
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-121
CWE Name: CWE-121
Source: Siemens 

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).