var-201602-0173
Vulnerability from variot
Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp. In addition, this case SketchUp May be a vulnerability.Skillfully crafted by a third party SketchUp Arbitrary code may be executed through the documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of SketchUp documents. With a specially crafted SketchUp document, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "3d visual enterprise viewer",
"scope": null,
"trust": 4.8,
"vendor": "sap",
"version": null
},
{
"model": "3d visual enterprise viewer",
"scope": "eq",
"trust": 1.2,
"vendor": "sap",
"version": "*"
},
{
"model": "sketchup",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "*"
},
{
"model": "sketchup",
"scope": null,
"trust": 0.8,
"vendor": "trimble",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:sketchup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2536"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley of Source Incite",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
}
],
"trust": 2.8
},
"cve": "CVE-2016-2536",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2536",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 3.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-01480",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-2536",
"trust": 2.8,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-2536",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-2536",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-01480",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-396",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp. In addition, this case SketchUp May be a vulnerability.Skillfully crafted by a third party SketchUp Arbitrary code may be executed through the documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of SketchUp documents. With a specially crafted SketchUp document, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2536",
"trust": 5.2
},
{
"db": "ZDI",
"id": "ZDI-16-176",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-16-173",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-16-174",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-16-175",
"trust": 3.1
},
{
"db": "BID",
"id": "83307",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2016-01480",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2974",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2976",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2975",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2979",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396",
"trust": 0.6
},
{
"db": "IVD",
"id": "D4504B9C-1E42-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"id": "VAR-201602-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
}
]
},
"last_update_date": "2023-12-18T12:30:04.300000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.06/30/2015 - Disclosed vulnerability reports to vendor09/28/2015 - The vendor let ZDI know that they would need an extension09/29/2015 - ZDI agreed to an extension02/09/2016 - ZDI notified the vendor that these would move to 0-day02/09/2016 - The vendor replied that: \"This issue is related to SketchUp having this vulnerability. SketchUp has refused to provide a patch. Is it still possible to ask for an \u0027exceptional\u0027 extension for us to manage a work-around?\"02/10/2016 - ZDI responded \"No further extension can be granted.\"-- Mitigation:Given the stated purpose of SAP 3D Virtual Enterprise Viewer, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the application to trusted files.-- Vendor Response:On 2/26/2016 SAP notified ZDI of the following available updates:2281195 \u003c - Potential remote termination of running processes in SAP Visual Enterprise Author, Generator and ViewerAn attacker can remotely exploit SAP Visual Enterprise Author, Generator and Viewer version 8.0, which may lead to application termination.Customers are advised to apply Note 2281195 \u003c immediately. We would like to remind our customers to secure SAP systems by installing all available security patches. You can find security notes and patches in the SAP Support Portal here \u003chttps://support.sap.com/securitynotes\u003e .",
"trust": 2.8,
"url": "https://service.sap.com/sap/support/notes/2281195\u003e"
},
{
"title": "SAP 3D Visual Enterprise Viewer",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/display/sve/sap+3d+visual+enterprise+viewer"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.6,
"url": "https://service.sap.com/sap/support/notes/2281195\u003e"
},
{
"trust": 2.8,
"url": "https://support.sap.com/securitynotes\u003e"
},
{
"trust": 2.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-173"
},
{
"trust": 2.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-174"
},
{
"trust": 2.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-175"
},
{
"trust": 2.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-176"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/83307"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2536"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2536"
},
{
"trust": 0.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-176/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "IVD",
"id": "d4504b9c-1e42-11e6-abef-000c29c66e3d"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"date": "2016-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"date": "2016-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"date": "2016-02-22T15:59:03.097000",
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"date": "2016-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"date": "2016-02-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-175"
},
{
"date": "2016-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01480"
},
{
"date": "2016-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001539"
},
{
"date": "2016-05-20T03:02:57.897000",
"db": "NVD",
"id": "CVE-2016-2536"
},
{
"date": "2016-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "(0Day) SAP 3D Visual Enterprise Viewer SketchUp document Use-After-Free Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-173"
},
{
"db": "ZDI",
"id": "ZDI-16-174"
},
{
"db": "ZDI",
"id": "ZDI-16-176"
},
{
"db": "ZDI",
"id": "ZDI-16-175"
}
],
"trust": 2.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-396"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.