Signature Detail
Short Name |
APP:GOOLE-SKETCHUP-3DS-FILE-MC |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Google SketchUp 3DS File Remote Memory Corruption |
Release Date |
2012/12/12 |
Update Number |
2210 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Google SketchUp 3DS File Remote Memory Corruption
This signature detects attempts to exploit a known vulnerability against Google SketchUp. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
Google SketchUp is prone to a remote memory corruption vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Google SketchUp 7.0.10247, 7.1.4871, and 7.1.6087 are vulnerable; other versions may also be affected.
Affected Products
- Google Sketchup 7.0.10247
- Google Sketchup 7.1.4871
- Google Sketchup 7.1.6087
- Google Sketchup 7.6859
- Red Hat Fedora 12
- Red Hat Fedora 13
- Red Hat Fedora 14
References
- BugTraq: 37708
- CVE: CVE-2010-0280