A vulnerability has been identified in JT Utilities (All...
Moderate severity
Unreviewed
Published
Dec 15, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Dec 14, 2021
Published to the GitHub Advisory Database
Dec 15, 2021
Last updated
Feb 1, 2023
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14841)
References