CVE-2013-7388

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

Heap overflow

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

Out-of-bounds

Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3662...

CVE-2013-7388

The CVE-2013-7388 entry describes a heap-based buffer overflow in the paintlib component used by Trimble SketchUp prior to version 13.0.3689, exploitable via a crafted RLE4 BMP. This affects SketchUp’s use of paintlib; the issue is described as a heap overflow enabling remote code execution. The ...

Heap overflow

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP...

CVE-2013-3663

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP...

CVE-2013-3663

SketchUp before 8 Maintenance 3 is affected by CVE-2013-3663 (BMP RLE8 Heap Overflow) due to a heap overflow in the BMP RLE8 decoding path borrowed from paintlib. The vulnerability allows remote code execution by parsing a crafted BMP texture embedded in a SKP file; the issue is fixed in 8M3 (and...