Lucene search

K

[email protected]NVD:CVE-2010-0280

HistoryJan 15, 2010 - 5:30 p.m.

CVE-2010-0280

2010-01-1517:30:00

CWE-189

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.4%

Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.

Affected configurations

NVD

Node

jan_eric_krprianidislib3dsMatch1.0

AND

googlegoogle_sketchupMatch7.0

OR

googlegoogle_sketchupMatch7.0.10247

OR

googlegoogle_sketchupMatch7.1.4871

OR

googlegoogle_sketchupMatch7.1.6087

References

secunia.com/advisories/38185

secunia.com/advisories/38187

sketchup.google.com/support/bin/answer.py?hl=en&answer=141303

www.coresecurity.com/content/google-sketchup-vulnerability

www.securityfocus.com/archive/1/508913/100/0/threaded

www.securityfocus.com/bid/37708

www.vupen.com/english/advisories/2010/0133

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.4%

Related for NVD:CVE-2010-0280

nessus6 openvas11 fedora4 debiancve1 ubuntucve1 cvelist1 gentoo1 cve1 coresecurity1 securityvulns2 prion1