Lucene search
K

339 matches found

CVE
CVE
added 2014/07/01 5:0 p.m.162 views

CVE-2013-3664

CVE-2013-3664 affects Trimble SketchUp (formerly Google SketchUp) before version 13.0.3689. It permits remote code execution via a crafted color palette table in a MAC Pict texture, causing an out-of-bounds stack write. This CVE exists due to an incomplete fix for CVE-2013-3662 and was split from...

9.3CVSS7.6AI score0.29778EPSS
Exploits1References6Affected Software2
Cvelist
Cvelist
added 2014/07/01 5:0 p.m.26 views

CVE-2013-7388

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

7.8AI score0.13248EPSS
Exploits1References5
CVE
CVE
added 2014/07/01 5:0 p.m.60 views

CVE-2013-7388

The CVE-2013-7388 entry describes a heap-based buffer overflow in the paintlib component used by Trimble SketchUp prior to version 13.0.3689, exploitable via a crafted RLE4 BMP. This affects SketchUp’s use of paintlib; the issue is described as a heap overflow enabling remote code execution. The ...

9.3CVSS8AI score0.13248EPSS
Exploits1References5Affected Software2
CVE
CVE
added 2014/06/13 2:0 p.m.145 views

CVE-2013-3663

SketchUp before 8 Maintenance 3 is affected by CVE-2013-3663 (BMP RLE8 Heap Overflow) due to a heap overflow in the BMP RLE8 decoding path borrowed from paintlib. The vulnerability allows remote code execution by parsing a crafted BMP texture embedded in a SKP file; the issue is fixed in 8M3 (and...

9.3CVSS8AI score0.31864EPSS
Exploits1References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.14 views

Trimble Navigation SketchUp BMP File Code Execution - Ver2 (CVE-2013-3663)

A remote code execution vulnerability exists in Trimble Navigation's SketchUp. The vulnerability is due to a heap buffer overflow while processing BMP files which contain malicious RLE data. Remote unauthenticated attackers can exploit this vulnerability by enticing a target user to open a...

9.3CVSS8AI score0.31864EPSS
Exploits1
Cvelist
Cvelist
added 2013/12/17 11:0 a.m.19 views

CVE-2013-6038

Stack-based buffer overflow in Trimble SketchUp Viewer 13.0.4124 allows remote attackers to execute arbitrary code via a crafted .SKP file...

8AI score0.02569EPSS
Exploits0References2
CVE
CVE
added 2013/12/17 11:0 a.m.44 views

CVE-2013-6038

CVE-2013-6038 : A stack-based buffer overflow in SketchUp Viewer 13.0.4124 allows remote attackers to execute arbitrary code by opening a specially crafted .SKP file. The issue is triggered during parsing of the .SKP, enabling potentially remote code execution without user interaction. The CVSS m...

6.8CVSS8.2AI score0.02569EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2013/12/10 12:0 a.m.15 views

Trimble Navigation SketchUp BMP File Code Execution (CVE-2013-3663)

A remote code execution vulnerability has been reported in Trimble Navigation's SketchUp...

7.4AI score0.31864EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2013/09/22 12:0 a.m.24 views

Trimble Navigation SketchUp BMP File Buffer Overflow (CVE-2013-3664)

A remote code execution vulnerability exists in Trimble Navigation's Sketchup...

7.3AI score0.29778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2013/07/23 12:0 a.m.24 views

Trimble Navigation SketchUp PICT File Buffer Overflow - Improved Performance (CVE-2013-3664)

A remote code execution vulnerability has been reported in Trimble SketchUp. The vulnerability is due to a stack buffer overflow while processing PICT files which contain a malicious number of ARGB entries. A remote attacker can exploit this vulnerability by enticing a target user to open a...

9.3CVSS7.5AI score0.29778EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/06/19 12:0 a.m.33 views

Google SketchUp < 13.0.3689 SKP Multiple Vulnerabilities

The version of Google SketchUp installed on the remote Windows host is earlier than 13.0.3689. As such, it reportedly is affected by multiple buffer overflows related to the handling of '.SKP' files. Specially crafted files containing BMP RLE4 compressed textures or MAC Pict textures can cause th...

9.3CVSS6AI score0.29778EPSS
Exploits2References5
NVD
NVD
added 2013/03/07 12:55 a.m.21 views

CVE-2012-5053

Cross-site scripting XSS vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01148EPSS
Exploits0References3
Prion
Prion
added 2013/03/07 12:55 a.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References3
CVE
CVE
added 2013/03/07 12:0 a.m.55 views

CVE-2012-5053

CVE-2012-5053 affects Trimble Infrastructure GNSS Series Receivers: NetR3/NetR5/NetR8/NetR9 vulnerable in their Receiver Web User Interface prior to firmware 4.70, and NetRS prior to 1.3-2. The issue is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary HTML/script...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References3Affected Software4
Cvelist
Cvelist
added 2013/03/07 12:0 a.m.21 views

CVE-2012-5053

Cross-site scripting XSS vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01148EPSS
Exploits0References3
securityvulns
securityvulns
added 2013/01/21 12:0 a.m.94 views

Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting &#40;XSS&#41; vulnerability

Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting XSS vulnerability: - CVE: CVE-2012-5053 - Deloitte Argentina Advisory Code: DTTAR-20130001 - Vendor Status: CONFIRMED - Public Disclosure Date: January, 15th, 2013. - Vendors Affected: Trimble - http://www.trimble.com/ - Systems...

4.3CVSS0.1AI score0.01148EPSS
Exploits0
securityvulns
securityvulns
added 2013/01/21 12:0 a.m.60 views

Trimble Infrastructure GNSS crossite scripting

Web interface crossite scripting...

4.3CVSS1.3AI score0.01148EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/05/31 12:0 a.m.9 views

Google/Trimble SketchUp Application Detection

Binary data 6882.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/11/04 12:0 a.m.19 views

Google/Trimble SketchUp Detection

Google SketchUp or Trimble SketchUp formerly Google SketchUp is installed on the remote host. SketchUp is a 3-D modeling application. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56712; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0References2
Rows per page
Query Builder