This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-37376.
Daily Archives: October 19, 2023
ZDI-23-1576: Siemens Tecnomatix Plant Simulation IGS File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-45204.
ZDI-23-1577: Siemens Tecnomatix Plant Simulation IGS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-45601.
cachelib-17^20231016-1.fc37 fb303-2023.10.16.00-1.fc37 fbthrift-2023.10.16.00-1.fc37 fizz-2023.10.16.00-1.fc37 folly-2023.10.16.00-1.fc37 mcrouter-0.41.0.20231016-1.fc37 mvfst-2023.10.16.00-1.fc37 proxygen-2023.10.16.00-1.fc37 wangle-2023.10.16.00-1.fc37 watchman-2021.05.10.00-24.fc37 wdt-1.32.1910230^20230711git3b52ef5-2.fc37
FEDORA-2023-2a9214af5f
Packages in this update:
cachelib-17^20231016-1.fc37
fb303-2023.10.16.00-1.fc37
fbthrift-2023.10.16.00-1.fc37
fizz-2023.10.16.00-1.fc37
folly-2023.10.16.00-1.fc37
mcrouter-0.41.0.20231016-1.fc37
mvfst-2023.10.16.00-1.fc37
proxygen-2023.10.16.00-1.fc37
wangle-2023.10.16.00-1.fc37
watchman-2021.05.10.00-24.fc37
wdt-1.32.1910230^20230711git3b52ef5-2.fc37
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487
cachelib-17^20231016-1.fc38 fb303-2023.10.16.00-1.fc38 fbthrift-2023.10.16.00-1.fc38 fizz-2023.10.16.00-1.fc38 folly-2023.10.16.00-1.fc38 mcrouter-0.41.0.20231016-1.fc38 mvfst-2023.10.16.00-1.fc38 proxygen-2023.10.16.00-1.fc38 wangle-2023.10.16.00-1.fc38 watchman-2021.05.10.00-24.fc38 wdt-1.32.1910230^20230711git3b52ef5-2.fc38
FEDORA-2023-17efd3f2cd
Packages in this update:
cachelib-17^20231016-1.fc38
fb303-2023.10.16.00-1.fc38
fbthrift-2023.10.16.00-1.fc38
fizz-2023.10.16.00-1.fc38
folly-2023.10.16.00-1.fc38
mcrouter-0.41.0.20231016-1.fc38
mvfst-2023.10.16.00-1.fc38
proxygen-2023.10.16.00-1.fc38
wangle-2023.10.16.00-1.fc38
watchman-2021.05.10.00-24.fc38
wdt-1.32.1910230^20230711git3b52ef5-2.fc38
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487
cachelib-17^20231016-1.fc39 fb303-2023.10.16.00-1.fc39 fbthrift-2023.10.16.00-1.fc39 fizz-2023.10.16.00-1.fc39 folly-2023.10.16.00-1.fc39 mcrouter-0.41.0.20231016-1.fc39 mvfst-2023.10.16.00-1.fc39 proxygen-2023.10.16.00-1.fc39 wangle-2023.10.16.00-1.fc39 watchman-2021.05.10.00-24.fc39 wdt-1.32.1910230^20230711git3b52ef5-2.fc39
FEDORA-2023-7934802344
Packages in this update:
cachelib-17^20231016-1.fc39
fb303-2023.10.16.00-1.fc39
fbthrift-2023.10.16.00-1.fc39
fizz-2023.10.16.00-1.fc39
folly-2023.10.16.00-1.fc39
mcrouter-0.41.0.20231016-1.fc39
mvfst-2023.10.16.00-1.fc39
proxygen-2023.10.16.00-1.fc39
wangle-2023.10.16.00-1.fc39
watchman-2021.05.10.00-24.fc39
wdt-1.32.1910230^20230711git3b52ef5-2.fc39
Update description:
Update Folly stack to the latest 2023.10.16.00 tag
proxygen: Security fix for CVE-2023-44487