Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Author
CVE-2022-39808
7.8HIGH
What is CVE-2022-39808?
A vulnerability exists in SAP 3D Visual Enterprise Author version 9 due to improper memory management. This flaw can be exploited when a user opens a specially crafted Wavefront Object (.obj) file through ObjTranslator.exe, potentially allowing an attacker to execute arbitrary code remotely. The exploitation occurs due to a stack-based overflow or the use of a dangling pointer that references overwritten memory space, making it vital for users to avoid opening files from untrusted sources to mitigate risks.
Affected Version(s)
SAP 3D Visual Enterprise Author 9