CVE-2022-41189

N/A

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

N/A

内存缓冲区边界内操作的限制不恰当

SAP 3D Visual Enterprise Viewer 缓冲区错误漏洞

SAP 3D Visual Enterprise Viewer是德国思爱普（SAP）公司的一款 3D 视图查看器。该软件支持在所有行业标准的桌面应用中发布2D、3D场景，并支持以独立可执行程序和 ActiveX 空间单独安装。 SAP 3D Visual Enterprise Viewer 存在缓冲区错误漏洞，该漏洞源于缺乏适当的内存管理。打开特制的文件(.dwg, TeighaTranslator.exe)时，当有效负载强制基于堆栈的溢出或重新使用指向内存中被覆盖空间的悬空指针时，可能会触发远程代码执行

N/A

N/A