Remote Code Execution Vulnerability in SAP 3D Visual Enterprise Viewer
CVE-2022-41196
7.8HIGH
What is CVE-2022-41196?
A security flaw exists in SAP 3D Visual Enterprise Viewer due to inadequate memory management. When a user interacts with a specially crafted VRML Worlds (.wrl, vrml.x3d) file from untrusted sources, it can lead to a remote code execution. This occurs as the payload triggers a stack-based overflow or a reuse of a dangling pointer, resulting in potential exploitation through manipulated memory space.
Affected Version(s)
SAP 3D Visual Enterprise Viewer 9