ACE vulnerability in Sketchup

Описание

Multiple critical vulnerabilities have been found in Google SketchUp. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities

1. A buffer overflow can be exploited remotely via a specially designed BMP file;
2. The out of bounds write can be exploited remotely via a specially designed palette.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Google-SketchUp

Список CVE

• CVE-2013-3664
  critical
• CVE-2013-7388
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com