SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application.
References
| Link | Resource |
|---|---|
| https://launchpad.support.sap.com/#/notes/3067890 | Permissions Required |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 | Vendor Advisory |
Configurations
History
16 Jul 2021, 16:05
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:* | |
| CWE | CWE-120 | |
| References | (MISC) https://launchpad.support.sap.com/#/notes/3067890 - Permissions Required | |
| References | (MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
14 Jul 2021, 12:24
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-07-14 12:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-33680
Mitre link : CVE-2021-33680
CVE.ORG link : CVE-2021-33680
JSON object : View
Products Affected
sap
- 3d_visual_enterprise_viewer
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')