Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Viewer
CVE-2022-41195
7.8HIGH
What is CVE-2022-41195?
A vulnerability exists in the SAP 3D Visual Enterprise Viewer due to insufficient memory management, which can be exploited when a user opens a specially crafted EAAmiga Interchange File Format (.iff, 2d.x3d) file from untrusted sources. This flaw allows remote code execution through manipulation of memory, potentially leading to a stack-based overflow or the reuse of a dangling pointer that references overwritten memory space.
Affected Version(s)
SAP 3D Visual Enterprise Viewer 9