Description
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted (1) U3D, (2) LWO, (3) JPEG2000, or (4) FBX file, aka "Out-Of-Bounds Indexing" vulnerabilities.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-527
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-530
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-528
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-529
Scores
EPSS
0.0291
EPSS Percentile
86.6%
Details
CWE
CWE-119
Status
published
Products (1)
sap/3d_visual_enterprise_viewer
Published
Oct 30, 2015
Tracked Since
Feb 18, 2026