Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
SAP 3D Visual Enterprise Viewer和SAP 3D Visual Enterprise Author 缓冲区错误漏洞
Vulnerability Description
SAP 3D Visual Enterprise Viewer和SAP 3D Visual Enterprise Author都是德国思爱普(SAP)公司的产品。SAP 3D Visual Enterprise Viewer是一款 3D 视图查看器。该软件支持在所有行业标准的桌面应用中发布2D、3D场景,并支持以独立可执行程序和 ActiveX 空间单独安装。SAP 3D Visual Enterprise Author是一个用于管理 2D、3D、动画、视频和音频资产的桌面应用程序。 SAP 3D Vis
CVSS Information
N/A
Vulnerability Type
N/A