| ID |
CVE-2022-29522
|
| Summary |
Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:fujielectric:v-sft:*:*:*:*:*:*:*:*
cpe:2.3:a:fujielectric:v-sft:*:*:*:*:*:*:*:*
-
cpe:2.3:a:fujielectric:v-server:3.3.24.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:3.3.24.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.3.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.3.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.9.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.9.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.10.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.10.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.12.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.12.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.13.0:*:*:*:lite:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.13.0:*:*:*:lite:*:*:*
-
cpe:2.3:a:fujielectric:v-server:4.0.11.0:*:*:*:-:*:*:*
cpe:2.3:a:fujielectric:v-server:4.0.11.0:*:*:*:-:*:*:*
|
| CVSS |
| Base: | 6.8 (as of 22-06-2022 - 21:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-416 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| Last major update |
22-06-2022 - 21:40 |
| Published |
14-06-2022 - 09:15 |
| Last modified |
22-06-2022 - 21:40 |
