Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSapCVELIST:CVE-2022-41200
HistoryOct 11, 2022 - 12:00 a.m.

CVE-2022-41200

2022-10-1100:00:00
CWE-787
CWE-119
sap
www.cve.org
memory management
.svg file
sap 3d visual enterprise viewer
remote code execution

0.002 Low

EPSS

Percentile

58.9%

JSON

Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP 3D Visual Enterprise Viewer",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "9"
      }
    ]
  }
]

Related

cve 1
zdi 1
nvd 1
cnvd 1
prion 1
cve
cve
CVE-2022-41200
2022-10-11 21:15:26
zdi
zdi
SAP 3D Visual Enterprise Viewer SVG File Parsing Memory Corruption Remote Code Execution Vulnerability
2022-11-03 00:00:00
nvd
nvd
CVE-2022-41200
2022-10-11 21:15:26
cnvd
cnvd
SAP 3D Visual Enterprise Viewer .svg buffer overflow vulnerability
2022-10-13 00:00:00
prion
prion
Stack overflow
2022-10-11 21:15:00

0.002 Low

EPSS

Percentile

58.9%

JSON
Related for CVELIST:CVE-2022-41200
cve1zdi1nvd1cnvd1prion1