Vulnerabilities > SAP > 3D Visual Enterprise Viewer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-41195 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41196 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41197 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. | 7.8 |
| 2022-10-11 | CVE-2022-41198 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41199 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41200 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41201 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-10-11 | CVE-2022-41202 | Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9 Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | 7.8 |
| 2022-07-12 | CVE-2022-35171 | Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 4.3 |
| 2022-06-14 | CVE-2022-32240 | Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 4.3 |