2 matches found
CVE-2022-41186
Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile .cgm, CgmCore.dll file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a...
CVE-2022-41186
CVE-2022-41186 covers a buffer/memory‑management vulnerability in SAP 3D Visual Enterprise Viewer 9 involving CGM parsing (CgmCore.dll). A crafted CGM file from an untrusted source can trigger remote code execution via a write past the end of an allocated buffer or by reusing a dangling pointer t...