Description
Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/85570
Vendor Advisory x_refsource_misc
http://technet.microsoft.com/security/msvr/msvr12-015
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78676
Various Sources x_refsource_misc
http://support.google.com/sketchup/bin/static.py?page=release_notes.cs
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/55598
Scores
EPSS
0.0530
EPSS Percentile
91.6%
Details
CWE
CWE-119
Status
published
Products (5)
google/sketchup
6.0 maintenance_6
google/sketchup
7.0 maintenance_1
google/sketchup
7.1 (3 CPE variants)
google/sketchup
8.0 (2 CPE variants)
google/sketchup
< 8.0
Published
Oct 05, 2012
Tracked Since
Feb 18, 2026