Lucene search

[email protected]CVE-2013-3662

HistoryJul 01, 2014 - 5:55 p.m.

CVE-2013-3662

2014-07-0117:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-3662

timbre sketchup

google sketchup

remote code execution

buffer overflow

mac pict texture

security vulnerability

nvd

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.698 Medium

EPSS

Percentile

98.0%

JSON

Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-based buffer overflow.

CPENameOperatorVersion
google:sketchupgoogle sketchupeq8.0

CPE	Name	Operator	Version
google:sketchup	google sketchup	eq	8.0

References

archives.neohapsis.com/archives/bugtraq/2013-06/0006.html

blog.binamuse.com/2013/05/multiple-vulnerabilities-on-sketchup.html

exchange.xforce.ibmcloud.com/vulnerabilities/84720

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.698 Medium

EPSS

Percentile

98.0%

JSON

Related for CVE-2013-3662

prion2 nessus1 cvelist2 securityvulns2 binamuse1 cve1