CVE-2011-2478

Google SketchUp < 8 - Remote Code Execution via Crafted SKP File

Title source: llm
STIX 2.1

Description

Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file.

References (2)

Core 2

Scores

EPSS 0.0215
EPSS Percentile 79.9%

Details

CWE
CWE-94
Status published
Products (4)
google/sketchup 6.0 maintenance_6
google/sketchup 7.0 maintenance_1
google/sketchup 7.1 (2 CPE variants)
google/sketchup < 7.1
Published Apr 17, 2012
Tracked Since Feb 18, 2026