KLA10181
ACE vulnerability in Sketchup
Updated: 06/01/2019
Detect date
?
07/01/2014
Severity
?
Critical
Description

Multiple critical vulnerabilities have been found in Google SketchUp. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities

  1. A buffer overflow can be exploited remotely via a specially designed BMP file;
  2. The out of bounds write can be exploited remotely via a specially designed palette.
Affected products

Sketchup versions 13.0.3688 and earlier

Solution

Update to latest version

Impacts
?
ACE 
[?]
Related products
Google SketchUp
CVE-IDS
?
CVE-2013-36649.3Critical
CVE-2013-73889.3Critical