CVE-2021-33680

Published: Jul 14, 2021Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application.

Affected (1)

Products: Sap: 3d Visual Enterprise Viewer

1 product

3d Visual Enterprise Viewer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap 3d Visual Enterprise Viewer	Version 9

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

https://launchpad.support.sap.com/#/notes/3067890

Source: cna@sap.com

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/3067890

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.