Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Google Sketchup Security Vulnerabilities

cve
cve

CVE-2010-0280

Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.

7.8AI Score

0.026EPSS

2010-01-15 05:30 PM
36
cve
cve

CVE-2010-0316

Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a crafted SKP file.

8.3AI Score

0.009EPSS

2010-01-15 05:30 PM
25
cve
cve

CVE-2011-2478

Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file.

7.5AI Score

0.001EPSS

2012-04-17 06:55 PM
34
cve
cve

CVE-2012-4894

Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file.

7.7AI Score

0.035EPSS

2012-10-05 10:51 AM
28
cve
cve

CVE-2013-3662

Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-based buffer overflow.

7.7AI Score

0.555EPSS

2014-07-01 05:55 PM
24
cve
cve

CVE-2013-3663

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP.

8AI Score

0.555EPSS

2014-06-13 02:55 PM
115
cve
cve

CVE-2013-3664

Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3662....

7.6AI Score

0.555EPSS

2014-07-01 05:55 PM
117
cve
cve

CVE-2013-7388

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and ...

8AI Score

0.471EPSS

2014-07-01 05:55 PM
29
cve
cve

CVE-2016-2536

Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp.

8.8CVSS

8.9AI Score

0.187EPSS

2016-02-22 03:59 PM
28