Heap-based Buffer Overflow in Trimble SketchUp by Trimble
CVE-2013-3663

Currently unrated

Key Information:

Vendor
Google
Status
Sketchup
Vendor
CVE Published:
13 June 2014

Summary

A heap-based buffer overflow vulnerability exists in the paintlib component of Trimble SketchUp, which allows remote attackers to execute arbitrary code. This is accomplished via a specially crafted RLE8 compressed BMP file, potentially leading to severe security implications for users of affected versions prior to 8 Maintenance 3.

References

http://archives.neohapsis.com/archives/bugtraq/2013-06/00...
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/84721
vdb-entryx_refsource_XF
http://blog.binamuse.com/2013/05/multiple-vulnerabilities...
x_refsource_MISC

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2013-3663 : Heap-based Buffer Overflow in Trimble SketchUp by Trimble | SecurityVulnerability.io