Arbitrary Code Execution Vulnerability in Google SketchUp by Google
CVE-2011-2478

Currently unrated

Key Information:

Vendor: Google
Status: Sketchup
Vendor: CVE Published:; 17 April 2012

What is CVE-2011-2478?

Google SketchUp versions prior to 8 exhibit a flaw in handling edge geometry within .SKP files, creating a potential avenue for remote attackers to execute arbitrary code by exploiting this weakness through specially crafted files.

References

http://technet.microsoft.com/en-us/security/msvr/msvr11-006

x_refsource_MISC

http://support.google.com/sketchup/bin/static.py?hl=en&pa...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 17, 2012
Vulnerability Reserved
Jun 14, 2011