Vulnerabilities > CVE-2020-6355 - Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

sap

CWE-787

NVD

Published: 2020-09-09

Updated: 2021-12-04

Summary

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP 3D Visual Enterprise Viewer 9	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://launchpad.support.sap.com/#/notes/2960815
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700
https://www.zerodayinitiative.com/advisories/ZDI-20-1161/