N/A

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and codebases (ADT1).

N/A

N/A

Trimble Navigation Trimble Navigation Trimble SketchUp 基于堆的缓冲区溢出漏洞

Trimble Navigation Trimble SketchUp（前称Google SketchUp）是美国天宝导航（Trimble Navigation）公司的一套环保型3D建模软件。该软件主要应用于建筑、土木、机械、电影和视频游戏设计。 Trimble Navigation Trimble SketchUp 2013 (13.0.3689)之前版本中使用的paintlib中存在基于堆的缓冲区溢出漏洞。远程攻击者可借助特制的RLE4压缩位图利用该漏洞执行任意代码。

N/A

N/A