Page 12 of 127 results (0.009 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

When a user opens manipulated Graphics Interchange Format (.GIF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de Graphics Interchange Format (.GIF) recibidos de fuentes que no son confiables en SAP 3D Visual Enterprise Viewer, la aplicación se bloquea y deja de estar disponible temporalmente para el usuario hasta que se reinicie la aplicación • https://launchpad.support.sap.com/#/notes/3035472 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos Universal 3D (.U3D) manipulados recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación se bloquea y deja de estar disponible temporalmente para el usuario hasta que se reinicia la aplicación This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://launchpad.support.sap.com/#/notes/3027767 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 https://www.zerodayinitiative.com/advisories/ZDI-21-311 https://www.zerodayinitiative.com/advisories/ZDI-21-313 https://www.zerodayinitiative.com/advisories/ZDI-21-314 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos Tag Image File Format (.TIFF) manipulados recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer versión 9, la aplicación se bloquea y deja de estar disponible temporalmente para el usuario hasta que se reinicia la aplicación This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://launchpad.support.sap.com/#/notes/3027758 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 https://www.zerodayinitiative.com/advisories/ZDI-21-294 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos de formato PhotoShop Document (.PSD) manipulados recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer versión 9, la aplicación se bloquea y deja de estar disponible temporalmente para el usuario hasta que se reinicia la aplicación • https://launchpad.support.sap.com/#/notes/3027758 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos de formato HPGL manipulados recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer versión 9, la aplicación se bloquea y deja de estar disponible temporalmente para el usuario hasta que se reinicia la aplicación This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HPGL files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://launchpad.support.sap.com/#/notes/3027758 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 https://www.zerodayinitiative.com/advisories/ZDI-21-292 •