5 matches found
CVE-2013-3664
Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3662...
Heap overflow
Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...
CVE-2013-3664
CVE-2013-3664 affects Trimble SketchUp (formerly Google SketchUp) before version 13.0.3689. It permits remote code execution via a crafted color palette table in a MAC Pict texture, causing an out-of-bounds stack write. This CVE exists due to an incomplete fix for CVE-2013-3662 and was split from...
Trimble Navigation SketchUp BMP File Buffer Overflow (CVE-2013-3664)
A remote code execution vulnerability exists in Trimble Navigation's Sketchup...
Trimble Navigation SketchUp PICT File Buffer Overflow - Improved Performance (CVE-2013-3664)
A remote code execution vulnerability has been reported in Trimble SketchUp. The vulnerability is due to a stack buffer overflow while processing PICT files which contain a malicious number of ARGB entries. A remote attacker can exploit this vulnerability by enticing a target user to open a...