CVE-2010-0280

Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
jan_eric_krprianidislib3ds
1.0
googlegoogle_sketchup
7.0
googlegoogle_sketchup
7.0.10247
googlegoogle_sketchup
7.1.4871
googlegoogle_sketchup
7.1.6087
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lib3ds
sid
1.3.0-10
fixed
trixie
1.3.0-10
fixed
bookworm
1.3.0-10
fixed
bullseye
1.3.0-10
fixed
lenny
no-dsa
etch
no-dsa
openscenegraph
bullseye
3.6.5+dfsg1-7
fixed
lenny
no-dsa
etch
no-dsa
sid
3.6.5+dfsg1-8
fixed
trixie
3.6.5+dfsg1-8
fixed
bookworm
3.6.5+dfsg1-8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
lib3ds
zesty
not-affected
yakkety
ignored
xenial
not-affected
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration