Lucene search

K

[email protected]NVD:CVE-2013-7388

HistoryJul 01, 2014 - 5:55 p.m.

CVE-2013-7388

2014-07-0117:55:03

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.611 Medium

EPSS

Percentile

97.8%

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and codebases (ADT1).

Affected configurations

NVD

Node

googlesketchupMatch6.0maintenance_6

OR

googlesketchupMatch7.0maintenance_1

OR

googlesketchupMatch7.1

OR

googlesketchupMatch7.1maintenance_1

OR

googlesketchupMatch7.1maintenance_2

OR

googlesketchupMatch8.0

OR

googlesketchupMatch8.0maintenance_1

OR

googlesketchupMatch8.0maintenance_2

OR

googlesketchupMatch8.0maintenance_3

OR

googlesketchupMatch8.0maintenance_4

OR

trimblesketchupRange≤8.0maintenance_5

References

blog.binamuse.com/2013/05/multiple-vulnerabilities-on-sketchup.html

secunia.com/advisories/53635

www.binamuse.com/advisories/BINA-20130521B.txt

www.securityfocus.com/bid/60248

exchange.xforce.ibmcloud.com/vulnerabilities/84723

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.611 Medium

EPSS

Percentile

97.8%

Related for NVD:CVE-2013-7388

prion2 cve2 kaspersky1 nessus1 cvelist2 nvd1 checkpoint_advisories2 securityvulns2 binamuse1