SAP 3D Visual Enterprise Author is a desktop application from SAP Germany for managing 2D, 3D, animation, video and audio assets. SAP 3D Visual Enterprise Author version 9 is vulnerable to a buffer overflow vulnerability that stems from a lack of proper memory management. An attacker could exploit the vulnerability to remotely execute code via specially crafted files (.cur, ico.x3d) when the payload forces a stack-based overflow or reuses a dangling pointer to an overwritten space in memory.