CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
90.4%
Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | lib3ds | < 1.3.0-5 | lib3ds_1.3.0-5_all.deb |
Debian | 11 | all | lib3ds | < 1.3.0-5 | lib3ds_1.3.0-5_all.deb |
Debian | 999 | all | lib3ds | < 1.3.0-5 | lib3ds_1.3.0-5_all.deb |
Debian | 13 | all | lib3ds | < 1.3.0-5 | lib3ds_1.3.0-5_all.deb |
Debian | 12 | all | openscenegraph | < 2.8.0-1 | openscenegraph_2.8.0-1_all.deb |
Debian | 11 | all | openscenegraph | < 2.8.0-1 | openscenegraph_2.8.0-1_all.deb |
Debian | 999 | all | openscenegraph | < 2.8.0-1 | openscenegraph_2.8.0-1_all.deb |
Debian | 13 | all | openscenegraph | < 2.8.0-1 | openscenegraph_2.8.0-1_all.deb |