CVE-2022-29032

HIGH Year: 2022
CVSS v3 Score
7.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-415
View all →

Vulnerability Description

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Related Vulnerabilities

CVE-2003-1048

HIGH
CVSS:7.8(High)

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

CWE-4152003

CVE-2015-9007

HIGH
CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

CWE-4152015

CVE-2016-5384

HIGH
CVSS:7.8(High)

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache...

CWE-4152016

CVE-2016-8693

HIGH
CVSS:7.8(High)

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a craf...

CWE-4152016

CVE-2017-11032

HIGH
CVSS:7.8(High)

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in t...

CWE-4152017

CVE-2017-13181

HIGH
CVSS:7.8(High)

In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code exec...

CWE-4152017