CVE-2011-2478
Google SketchUp < 8 - Remote Code Execution via Crafted SKP File
Title source: llmDescription
Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
http://technet.microsoft.com/en-us/security/msvr/msvr11-006
Various Sources x_refsource_confirm
http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1
Scores
EPSS
0.0215
EPSS Percentile
79.9%
Details
CWE
CWE-94
Status
published
Products (4)
google/sketchup
6.0 maintenance_6
google/sketchup
7.0 maintenance_1
google/sketchup
7.1 (2 CPE variants)
google/sketchup
< 7.1
Published
Apr 17, 2012
Tracked Since
Feb 18, 2026