
CVE-2022-41211 – SAP 3D Visual Enterprise Viewer DST File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41211
08 Nov 2022 — Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rig... • https://launchpad.support.sap.com/#/notes/3263436 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41191 – SAP 3D Visual Enterprise Viewer JT File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41191
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de una administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Jupiter Tesselation... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41194
https://notcve.org/view.php?id=CVE-2022-41194
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo Encapsulated Postscript manipulado (.eps, ai.x3d) recibido de fuentes no confiables en SAP... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2022-41192 – SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41192
11 Oct 2022 — Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Debido a una falta de una administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Jupiter Tesselation (.jt, JTReader.x3d) recibido de fuentes no confiables en... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2022-41193 – SAP 3D Visual Enterprise Viewer EPS File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41193
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Encapsulated Post Scrip... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41190 – SAP 3D Visual Enterprise Viewer DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41190
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado de AutoCAD (.dxf, TeighaTr... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41195 – SAP 3D Visual Enterprise Viewer IFF File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41195
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de una administración apropiada de la memoria, cuando una víctima abre un archivo manipulado EAAmiga Inte... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41198 – SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41198
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado SketchUp (.skp, SketchUp.x3d) rec... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41202 – SAP 3D Visual Enterprise Viewer VDS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41202
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado de Visual Design Stream (.... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-41188 – SAP 3D Visual Enterprise Viewer OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41188
11 Oct 2022 — Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado de Wavefront Object (.obj, ObjTranslator.exe) recibido de fuentes no confiabl... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •