Lucene search
K
TrimbleSketchup Viewer

27 matches found

CVE
CVE
added 2024/11/22 8:51 p.m.68 views

CVE-2024-9726

CVE-2024-9726 affects Trimble SketchUp Viewer. The vulnerability arises in the parsing of SKP files, caused by insufficient validation of the length of untrusted data copied into a fixed-size stack buffer, leading to a stack-based buffer overflow and remote code execution. Exploitation requires u...

7.8CVSS8AI score0.0034EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.66 views

CVE-2023-50196

Technical details (affected product/version, exploit specifics, and remediation) are not public in the provided documents. Monitor for updates from official advisories for CVE-2023-50196.

7.8CVSS8AI score0.00344EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.65 views

CVE-2023-50188

CVE-2023-50188 affects Trimble SketchUp Viewer. The issue is in SKP file parsing due to uninitialized memory access, enabling remote code execution when a user opens a malicious SKP/file or visits a crafted page. Exploitation requires user interaction; the attacker would run code in the target’s ...

7.8CVSS8AI score0.00423EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.61 views

CVE-2023-50195

CVE-2023-50195 concerns Trimble SketchUp Viewer, where the SKP file parsing is vulnerable to an out-of-bounds read that can enable remote code execution. The issue stems from improper validation of user-supplied data, potentially reading past the end of an allocated buffer. Exploitation requires ...

7.8CVSS8AI score0.00399EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.61 views

CVE-2024-9719

CVE-2024-9719 affects Trimble SketchUp Viewer via SKP file parsing. The flaw is a use-after-free in the SKP parser caused by not validating object existence before performing operations, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a...

7.8CVSS8AI score0.00302EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.61 views

CVE-2024-9721

The CVE-2024-9721 entry concerns Trimble SketchUp Viewer. Affected component: SKP file parsing in the viewer. Root cause: lack of validating the existence of an object before performing operations, leading to a use-after-free condition. Impact: remote code execution in the context of the current ...

7.8CVSS8AI score0.00374EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.60 views

CVE-2024-9724

This CVE affects Trimble SketchUp Viewer: SKP file parsing is vulnerable to a use-after-free that can lead to remote code execution. The flaw arises from not validating the existence of an object before performing operations on it, enabling code execution in the current process. Exploitation requ...

7.8CVSS8AI score0.00324EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.59 views

CVE-2023-50194

This CVE (CVE-2023-50194) affects Trimble SketchUp Viewer. The vulnerability stems from parsing SKP files, where insufficient validation can cause a read past the end of an allocated object in the parser, enabling remote code execution. It requires user interaction (the target must open a malicio...

7.8CVSS8AI score0.00399EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.58 views

CVE-2023-50189

CVE-2023-50189 concerns Trimble SketchUp Viewer. The vulnerability arises in SKP file parsing where the code fails to validate the existence of an object before operating on it, resulting in a use-after-free that can lead to remote code execution. Exploitation requires user interaction (target us...

7.8CVSS8AI score0.00445EPSS
CVE
CVE
added 2024/11/22 9:31 p.m.58 views

CVE-2024-7508

CVE-2024-7508 : In Trimble SketchUp Viewer, SKP file parsing is vulnerable to a heap-based buffer overflow due to unsafe validation of the length of user-supplied data before copying to a fixed-size heap buffer. This allows arbitrary code execution in the context of the current process and requir...

7.8CVSS8AI score0.00417EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.57 views

CVE-2024-9725

CVE-2024-9725 : Trimble SketchUp Viewer is affected by a Use-After-Free vulnerability in SKP file parsing caused by not validating object existence before operations. This can lead to remote code execution and requires user interaction (visiting a malicious page or opening a malicious file). Publ...

7.8CVSS8AI score0.00324EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.56 views

CVE-2023-50187

CVE-2023-50187 : Trimble SketchUp Viewer is affected by a memory corruption vulnerability in the SKP file parser. The flaw arises from insufficient validation of user-supplied SKP data, enabling remote code execution in the context of the target process. Exploitation requires user interaction (ta...

7.8CVSS8.1AI score0.00399EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.56 views

CVE-2023-50190

CVE-2023-50190 affects Trimble SketchUp Viewer with an out-of-bounds write in SKP file parsing that can lead to remote code execution. The root cause is insufficient validation of user-supplied SKP data, allowing a write past the end of an allocated buffer. Exploitation requires user interaction ...

7.8CVSS8AI score0.00399EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.56 views

CVE-2024-9716

CVE-2024-9716 affects Trimble SketchUp Viewer via a Use-After-Free in SKP file parsing. The flaw arises from not validating an object’s existence before performing operations, allowing an attacker to execute code in the affected process. Exploitation requires user interaction (visiting a maliciou...

7.8CVSS8AI score0.00302EPSS
CVE
CVE
added 2024/11/22 8:52 p.m.54 views

CVE-2024-9727

CVE-2024-9727 describes a remote code execution flaw in Trimble SketchUp Viewer related to SKP file parsing. The root cause is the lack of validating the existence of an object before performing operations on it, enabling a crafted SKP file to execute code in the current process. The vulnerabilit...

7.8CVSS8AI score0.00324EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.53 views

CVE-2023-50191

CVE-2023-50191 affects Trimble SketchUp Viewer via a vulnerability in SKP file parsing, described as a use-after-free that allows remote code execution. The flaw arises from not validating the existence of an object before performing operations, enabling an attacker to run code in the target proc...

7.8CVSS8AI score0.00445EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.52 views

CVE-2024-9714

This CVE concerns Trimble SketchUp Viewer. The SKP file parsing flaw allows Use-After-Free that enables Remote Code Execution. Impact is high (CVE mentions code execution in the current process; vector is LOCAL with user interaction required). The root cause is failure to validate object existenc...

7.8CVSS8AI score0.00374EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.51 views

CVE-2023-50192

CVE-2023-50192 affects Trimble SketchUp Viewer. The vulnerability is a Use-After-Free in SKP file parsing that allows remote code execution. It requires user interaction (target must visit a malicious page or open a malicious file). The issue arises from not validating object existence before ope...

7.8CVSS8AI score0.00445EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.51 views

CVE-2024-9717

CVE-2024-9717 affects Trimble SketchUp Viewer through the SKP file parser, where an uninitialized memory access allows remote code execution. The vulnerability enables an attacker to execute arbitrary code in the context of the target process when a user opens a malicious SKP file or visits a cra...

7.8CVSS8AI score0.00287EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.51 views

CVE-2024-9722

CVE-2024-9722 affects Trimble SketchUp Viewer through the SKP file parsing path, where a use-after-free flaw occurs due to failure to validate the existence of an object before operating on it. This leads to arbitrary code execution in the context of the current process. Exploitation requires use...

7.8CVSS8AI score0.00324EPSS
CVE
CVE
added 2024/05/03 2:14 a.m.50 views

CVE-2023-50193

The CVE-2023-50193 entry concerns Trimble SketchUp Viewer: SKP file parsing leads to a use-after-free that enables remote code execution. The flaw arises from not validating the existence of an object before operating on it, allowing an attacker to run code in the process context. Exploitation re...

7.8CVSS8AI score0.00445EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.50 views

CVE-2024-9715

CVE-2024-9715 involves Trimble SketchUp Viewer SKP file parsing where a Use-After-Free arises from not validating an object’s existence before performing operations, enabling remote code execution after user interaction (visiting a malicious page or opening a malicious file). Multiple trusted sou...

7.8CVSS8AI score0.00302EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.48 views

CVE-2024-9718

CVE-2024-9718 – Trimble SketchUp Viewer is affected through the SKP file parser, where lack of validation can cause an out-of-bounds read and enable remote code execution in the attacker’s context. The exploit requires user interaction (visiting a malicious page or opening a malicious file). This...

7.8CVSS8AI score0.00271EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.48 views

CVE-2024-9720

CVE-2024-9720 affects Trimble SketchUp Viewer. It is a vulnerability in SKP file parsing where insufficient validation can cause a read past the end of an allocated buffer, leading to remote code execution. The flaw occurs during parsing of SKP files and can be exploited by users who open a malic...

7.8CVSS8AI score0.0029EPSS
CVE
CVE
added 2024/11/22 8:51 p.m.46 views

CVE-2024-9723

CVE-2024-9723 describes a Use-After-Free in Trimble SketchUp Viewer related to SKP file parsing. The flaw arises from not validating the existence of an object before operating on it, enabling remote code execution when a user opens a malicious SKP or visits a malicious page. The vulnerability re...

7.8CVSS8AI score0.00374EPSS
CVE
CVE
added 2024/11/22 8:52 p.m.46 views

CVE-2024-9728

Summary: CVE-2024-9728 is a use-after-free remote code execution vulnerability in Trimble SketchUp Viewer caused by parsing SKP files without validating object existence. The flaw can allow code execution in the target process and requires user interaction (visiting a malicious page or opening a ...

7.8CVSS8AI score0.00324EPSS
CVE
CVE
added 2013/12/17 11:0 a.m.44 views

CVE-2013-6038

CVE-2013-6038 : A stack-based buffer overflow in SketchUp Viewer 13.0.4124 allows remote attackers to execute arbitrary code by opening a specially crafted .SKP file. The issue is triggered during parsing of the .SKP, enabling potentially remote code execution without user interaction. The CVSS m...

6.8CVSS8.2AI score0.02569EPSS