131 matches found
CVE-2022-32240
SAP 3D Visual Enterprise Viewer is affected by CVE-2022-32240 when a user opens manipulated Jupiter Tessellation (.jt, JTReader.x3d) files from untrusted sources. Public docs describe a crash that makes the application temporarily unavailable until restart. The ZDI advisory additionally notes a r...
CVE-2022-26106
CVE-2022-26106 concerns SAP 3D Visual Enterprise Viewer v9.0. Connected sources describe a flaw in CGM file parsing (CgmCore.dll) that can trigger a memory error—specifically a write past the end of an allocated buffer—when processing manipulated CGM data from untrusted sources. ZDI advisories fu...
CVE-2022-32241
The CVE-2022-32241 entry pertains to SAP 3D Visual Enterprise Viewer, where opening manipulated PDF/PDFView.x3d files from untrusted sources can cause the application to crash and become temporarily unavailable until a restart. The connected documents corroborate that this is a vulnerability invo...
CVE-2022-27654
SAP 3D Visual Enterprise Viewer (v9.0) is affected by CVE-2022-27654 through PSD file parsing, where a manipulated PSD/file can trigger a crash and potential code execution. The ZDI advisory specifies an out-of-bounds write during PSD parsing that allows remote code execution; user interaction is...
CVE-2022-32238
SAP 3D Visual Enterprise Viewer is affected by CVE-2022-32238: EPS parsing in the viewer can trigger an out-of-bounds write, enabling remote code execution when a user opens a malicious EPS file. The ZDI advisory states exploitation requires user interaction (opening a malicious file or visiting ...
CVE-2022-32239
CVE-2022-32239 affects SAP 3D Visual Enterprise Viewer. When users open manipulated JPEG 2000 (.jp2, jp2k.x3d) files from untrusted sources, the viewer may crash and become temporarily unavailable until the application is restarted. Connected sources confirm the issue and describe the impact, but...
CVE-2022-22537
CVE-2022-22537 affects SAP 3D Visual Enterprise Viewer (v9.0) and is triggered by opening manipulated TIFF/2d.x3d files from untrusted sources, causing the application to crash and become temporarily unavailable until restart. Connected sources confirm the affected product/version and describe th...
CVE-2022-26109
SAP 3D Visual Enterprise Viewer 9.0 is affected by a PDF parsing vulnerability (PDFView.x3d) causing crash and temporary unavailability; exploitation may lead to remote code execution. Root cause involves validation issues in processing PDF input, with advisories indicating potential out-of-bound...
CVE-2022-26108
SAP 3D Visual Enterprise Viewer (v9.0) is affected by CVE-2022-26108 via parsing of manipulated PCX files (and 2d.x3d). Connected sources describe memory-corruption/out-of-bounds write vulnerabilities in PCX parsing that can crash the application and, in some disclosures, enable remote code execu...
CVE-2022-32236
SAP 3D Visual Enterprise Viewer is affected by CVE-2022-32236 via parsing manipulated Windows Bitmap BMP and related 2d.x3d inputs from untrusted sources. The issue, documented by ZDI as a BMP parsing out-of-bounds write enabling remote code execution, can crash the application or allow code exec...
CVE-2022-22538
SAP 3D Visual Enterprise Viewer 9.0 is affected by CVE-2022-22538 through AI file parsing. The vulnerability is an out-of-bounds/write condition in the AI parsing code that can allow remote code execution. Exploitation requires a user to open a malicious AI/.ai.x3d file (user interaction), potent...
CVE-2020-6374
CVE-2020-6374 affects SAP 3D Visual Enterprise Viewer (v9) with parsing of Jupiter Tessellations (.jt). The connected ZDI advisory documents a remote code execution vulnerability in JT file parsing caused by insufficient validation, leading to a read-before-allocation error. The issue can be trig...
CVE-2022-27655
CVE-2022-27655 describes a vulnerability in SAP 3D Visual Enterprise Viewer (version 9.0) where parsing manipulated Universal 3D (U3D, 3difr.x3d) files from untrusted sources can crash the application and, per related advisories, may allow remote code execution via U3D parsing. The connected ZDI ...
CVE-2022-26107
CVE-2022-26107 affects SAP 3D Visual Enterprise Viewer 9.0. Connected advisories confirm vulnerability in parsing Jupiter Tessellation JT (.jt, JTReader.x3d) files from untrusted sources, leading to a crash and temporary unavailability (initial description). ZDI advisories add that the flaw is an...
CVE-2022-32242
SAP 3D Visual Enterprise Viewer is affected by an HDR parsing vulnerability in Radiance Picture files (.hdr, hdr.x3d). The issue can crash the application and, per ZDI, may allow remote code execution via a write past end of an allocated buffer. Exploitation requires user interaction (the user mu...
CVE-2022-32243
SAP 3D Visual Enterprise Viewer is affected by CVE-2022-32243 when users open manipulated SVG/SVG.X3D files from untrusted sources, causing the application to crash and become temporarily unavailable until restart. Affected component: SAP 3D Visual Enterprise Viewer; root cause described as an in...
CVE-2022-41191
CVE-2022-41191 affects SAP 3D Visual Enterprise Viewer (version 9) via a vulnerability in parsing of Jupiter Tessellation JT files (JTReader.x3d). The rooted issue is a memory-management flaw that can enable remote code execution when a crafted .jt file causes a stack-based overflow or reuse of a...
CVE-2022-41211
The CVE-2022-41211 issue concerns SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, specifically in the parsing of DST files. Connected sources describe a Use-After-Free vulnerability in DST file parsing that can lead to Remote Code Execution. Exploitation typically requires us...
CVE-2020-6372
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2020-6372 due to a PDF parsing vulnerability. The root cause is improper input validation leading to a write past the end of an allocated buffer, enabling remote code execution when a user opens a manipulated PDF. Exploitation require...
CVE-2022-32237
Technical details about CVE-2022-32237 are not publicly provided in the supplied documents; no affected product versions, root cause, or mitigations are specified here. Monitor for updates.
CVE-2020-6375
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2020-6375 due to improper input validation when opening manipulated CGM files from untrusted sources, which can crash the application and render it temporarily unavailable until restart. The connected documents confirm the issue and p...
CVE-2021-42069
CVE-2021-42069 affects SAP 3D Visual Enterprise Viewer 9.0. Public sources describe a parsing flaw in input files that can crash the application or lead to code execution. ZDI states a JT file parsing out-of-bounds write enabling remote code execution with user interaction required; other sources...
CVE-2022-41187
SAP 3D Visual Enterprise Viewer (version 9) contains a memory-management flaw in OBJ file parsing (ObjTranslator.exe). A crafted .obj file can trigger remote code execution via stack-based overflow or reuse of a dangling pointer. Remediation details are not explicit in the provided CVE data; a PT...
CVE-2022-41192
SAP 3D Visual Enterprise Viewer (before/around version 9) is affected by CVE-2022-41192 due to a memory-management flaw in parsing JT files (.jt, JTReader.x3d). Attackers can supply manipulated JT data to trigger a vulnerability that may crash the application and, per ZDI advisories, could allow ...
CVE-2022-41194
The CVE-2022-41194 entry describes a denial-of-service issue in SAP 3D Visual Enterprise Viewer (version 9) caused by improper memory management when processing manipulated Encapsulated PostScript (.eps, ai.x3d) files from untrusted sources. The vulnerability can cause the application to crash an...
CVE-2022-22539
SAP 3D Visual Enterprise Viewer 9.0 is affected by CVE-2022-22539 via crafted JPEG parsing. The published ZDI advisory describes an out-of-bounds write in JPG parsing that can allow remote code execution when a user opens a manipulated JPEG (requires user interaction). In the SAP NVD entry, the i...
CVE-2022-41190
The CVE-2022-41190 entry concerns SAP 3D Visual Enterprise Viewer (up to version 9). The vulnerability arises from improper memory management while parsing DXF files (and related TeighaTranslator.exe usage) which can lead to memory corruption, including a stack-based overflow or reuse of a dangli...
CVE-2022-41197
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2022-41197 due to a memory-management flaw in parsing WRL/VRML files. The vulnerability allows an out-of-bounds read while handling manipulated WRL files, which in ZDI’s advisory can lead to remote code execution in the context of the...
CVE-2022-41198
SAP 3D Visual Enterprise Viewer (version 9) is affected by a vulnerability in parsing SketchUp files (.skp, SketchUp.x3d) due to improper memory management. The issue can lead to Remote Code Execution when a crafted file forces either a stack-based overflow or a reuse of a dangling pointer to ove...
CVE-2020-6376
CVE-2020-6376 affects SAP 3D Visual Enterprise Viewer, version 9, where processing of manipulated Right Hemisphere Binary (.rh) files from untrusted sources can cause the application to crash and become temporarily unavailable. The root cause is improper input validation in the RH file handling. ...
CVE-2022-41189
CVE-2022-41189 affects SAP 3D Visual Enterprise Viewer (version 9) and is triggered by parsing manipulated DWG files (AutoCAD/DWG with TeighaTranslator.exe) due to insufficient memory management. The vulnerability allows remote code execution via a stack-based overflow or reuse of a dangling poin...
CVE-2022-41200
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2022-41200 due to improper memory management when parsing manipulated SVG/.svg.x3d files from untrusted sources, enabling Remote Code Execution via a stack-based overflow or re-use of a dangling pointer to overwritten memory. The issu...
CVE-2020-6322
SAP 3D Visual Enterprise Viewer (version 9) contains a vulnerability in the 3DM/U3D file parsing within the Rhino plugin that allows remote attackers to cause a crash or execute arbitrary code via a crafted 3DM/U3D file. The irreducible root cause is improper input validation leading to an out-of...
CVE-2022-41199
CVE-2022-41199 affects SAP 3D Visual Enterprise Viewer (v9) through parsing of Open Inventor File formats (.iv, vrml.x3d). The root cause is improper memory management in the IV file parser, allowing a stack-based buffer overflow or re-use of dangling pointers, which can lead to Remote Code Execu...
CVE-2022-32235
CVE-2022-32235 affects SAP 3D Visual Enterprise Viewer via parsing of manipulated AutoCAD DWG files (TeighaTranslator.exe), causing the application to crash and become unavailable. Connected sources describe an out-of-bounds/write condition during DWG parsing that can be exploited by opening a cr...
CVE-2022-41202
CVE-2022-41202 affects SAP 3D Visual Enterprise Viewer (v9). The vulnerability stems from improper memory management during parsing of Visual Design Stream files (.vds, vds.x3d), allowing a stack-based overflow or reuse of a dangling pointer that leads to Remote Code Execution. Exploitation requi...
CVE-2016-2536
CVE-2016-2536 concerns multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer, exploitable via crafted SketchUp documents. The primary affected product is likely SketchUp. The ZDI advisories describe a remote code execution flaw that requires user interaction (target must open...
CVE-2020-6373
SAP 3D Visual Enterprise Viewer (version 9) contains a PDF parsing flaw that allows an out-of-bounds write, enabling remote code execution. The vulnerability arises from improper validation of user-supplied data during PDF parsing, and the exploit requires user interaction (e.g., opening a malici...
CVE-2022-41195
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2022-41195 due to memory management flaws that can cause remote code execution when a manipulated IFF/2d.x3d file is opened. The vulnerability is described as a stack-based overflow or re-use of a dangling pointer referencing overwrit...
CVE-2020-6338
SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2020-6338 due to improper input validation during RH file parsing. The vulnerability affects parsing RH files and can crash the application, causing temporary unavailability, with ZDI reporting a remote code execution possibility via ...
CVE-2022-41201
CVE-2022-41201 affects SAP 3D Visual Enterprise Viewer (version 9) and targets the processing of Right Hemisphere Binary (.rh, rh.x3d) files. The root cause is improper memory management, leading to a stack-based overflow or reuse of a dangling pointer to overwritten memory, enabling Remote Code ...
CVE-2022-41193
SAP 3D Visual Enterprise Viewer 9 is affected by a memory-management vulnerability in EPS parsing (EPS/ai.x3d). The issue can trigger Remote Code Execution when a manipulated file from untrusted sources is opened, due to stack-based overflow or re-use of a dangling pointer. The vulnerability requ...
CVE-2022-41196
SAP 3D Visual Enterprise Viewer 9 is affected by a WRL/VRML.X3D parsing vulnerability caused by improper memory management, enabling Remote Code Execution (RCE) when a manipulated file is opened. Public details (ZDI advisories) state exploitation requires user interaction (e.g., opening a malicio...
CVE-2021-21449
SAP 3D Visual Enterprise Viewer (v9) is affected by an IFF file parsing vulnerability that causes memory corruption and can lead to remote code execution. The issue stems from improper validation during IFF parsing, and exploitation requires user interaction (e.g., opening a malicious file or vis...
CVE-2022-35171
CVE-2022-35171 affects SAP 3D Visual Enterprise Viewer. The vulnerability occurs when opening manipulated JPEG 2000 files (.jp2, jp2k.x3d) from untrusted sources, triggering an input validation error that crashes the application and leaves it temporarily unavailable until restart. The root cause ...
CVE-2020-6355
The CVE-2020-6355 entry concerns SAP 3D Visual Enterprise Viewer (VEV), version 9. A vulnerability exists in the parsing of TGA files, specifically a stack-based buffer overflow during TGA file processing. This is caused by improper validation of input data. Exploitation can lead to remote code e...
CVE-2021-42068
CVE-2021-42068 affects SAP 3D Visual Enterprise Viewer 9.0. Reports describe an input validation error when opening manipulated GIF files from untrusted sources, causing the application to crash and become temporarily unavailable until restart. The CVSS indicates low availability impact (A: LOW) ...
CVE-2020-6321
SAP 3D Visual Enterprise Viewer (v9) is affected by CVE-2020-6321 via the U3D file parsing in the 3difr plugin. The vulnerability stems from an uninitialized pointer in the parser, enabling remote code execution when a user opens a crafted U3D file or visits a malicious page, with user interactio...
CVE-2020-6333
SAP 3D Visual Enterprise Viewer 9 is affected by CVE-2020-6333 due to an input validation flaw in HPGL file parsing. The vulnerability enables an out-of-bounds write when processing specially crafted HPGL/2D data, which can be exploited to execute code in the context of the affected process. Expl...
CVE-2020-6341
CVE-2020-6341 : SAP 3D Visual Enterprise Viewer 9 contains an EPS file parsing vulnerability. The issue arises from improper validation leading to an out-of-bounds read, enabling arbitrary code execution when a user opens a malicious EPS file (remote code execution; requires user interaction). Af...