9.3

CVE-2010-0280

Exploit
Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jan Eric KrprianidisLib3ds Version1.0
GoogleGoogle Sketchup Version7.0
GoogleGoogle Sketchup Version7.0.10247
GoogleGoogle Sketchup Version7.1.4871
GoogleGoogle Sketchup Version7.1.6087
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.66% 0.93
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/38185
Vendor Advisory
http://secunia.com/advisories/38187
Vendor Advisory
http://sketchup.google.com/support/bin/answer.py?hl=en&answer=141303
http://www.coresecurity.com/content/google-sketchup-vulnerability
Exploit
http://www.securityfocus.com/archive/1/508913/100/0/threaded
http://www.securityfocus.com/bid/37708
Exploit
http://www.vupen.com/english/advisories/2010/0133