Vulnerabilities > CVE-2010-0316 - Numeric Errors vulnerability in Google Sketchup

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

google

CWE-189

critical

nessus

NVD

Published: 2010-01-15

Updated: 2011-08-08

Summary

Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a crafted SKP file.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Google Sketchup 7.0 Google Google Sketchup 7.0.10247 Google Google Sketchup 7.1.4871 Google Google Sketchup 7.1.6087	4

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Nessus

NASL family	Windows
NASL id	GOOGLE_SKETCHUP_7_1_M2.NASL
description	The version of Google SketchUp installed on the remote host is earlier than 7.1 Maintenance Release 2. Such versions fail to perform adequate checks when processing data contained in
last seen	2020-06-01
modified	2020-06-02
plugin id	56980
published	2011-11-30
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/56980
title	Google SketchUp < 7.1 M2 Remote Code Execution Vulnerabilities

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References