Vulnerabilities > Google > Sketchup > 7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-07-01 | CVE-2013-7388 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). | 9.3 |
2014-07-01 | CVE-2013-3664 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. | 9.3 |
2014-07-01 | CVE-2013-3662 | Buffer Errors vulnerability in Google Sketchup 7.0/7.1/8.0 Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-based buffer overflow. | 9.3 |
2014-06-13 | CVE-2013-3663 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Sketchup Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP. | 9.3 |
2012-10-05 | CVE-2012-4894 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Sketchup Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file. | 9.3 |
2012-04-17 | CVE-2011-2478 | Code Injection vulnerability in Google Sketchup 6.0/7.0/7.1 Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file. | 9.3 |