CVE-2021-27589

Published: Mar 9, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Affected (1)

Products: Sap: 3d Visual Enterprise Viewer

1 product

3d Visual Enterprise Viewer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap 3d Visual Enterprise Viewer	Version 9

References (6)

https://launchpad.support.sap.com/#/notes/3027758

Source: cna@sap.com

Vendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107

Source: cna@sap.com

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-306/

Source: cna@sap.com

Third Party AdvisoryVDB Entry

https://launchpad.support.sap.com/#/notes/3027758

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-306/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.