SAP 3d Visual Enterprise Viewer

Due to lack of proper memory management, when a victim opens manipulated file received

CVE-2022-41211 7.8 - High - November 08, 2022

Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.

Memory Corruption

Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41202 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41201 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41200 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41199 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41198 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received

CVE-2022-41197 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41196 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41195 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received

CVE-2022-41194 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41193 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received

CVE-2022-41192 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41191 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41190 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41189 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received

CVE-2022-41188 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.

Buffer Overflow

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible

CVE-2022-41187 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received

CVE-2022-41186 7.8 - High - October 11, 2022

Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory.

Buffer Overflow

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received

CVE-2022-35171 5.5 - Medium - July 12, 2022

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below

Improper Input Validation

When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received

CVE-2022-32243 5.5 - Medium - June 14, 2022

When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received

CVE-2022-32242 5.5 - Medium - June 14, 2022

When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received

CVE-2022-32241 5.5 - Medium - June 14, 2022

When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received

CVE-2022-32240 5.5 - Medium - June 14, 2022

When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received

CVE-2022-32239 5.5 - Medium - June 14, 2022

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received

CVE-2022-32238 5.5 - Medium - June 14, 2022

When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received

CVE-2022-32237 5.5 - Medium - June 14, 2022

When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received

CVE-2022-32236 5.5 - Medium - June 14, 2022

When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received

CVE-2022-32235 5.5 - Medium - June 14, 2022

When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received

CVE-2022-26109 6.5 - Medium - April 12, 2022

When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received

CVE-2022-26108 6.5 - Medium - April 12, 2022

When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received

CVE-2022-26107 6.5 - Medium - April 12, 2022

When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received

CVE-2022-26106 6.5 - Medium - April 12, 2022

When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received

CVE-2022-27654 6.5 - Medium - April 12, 2022

When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received

CVE-2022-27655 6.5 - Medium - April 12, 2022

When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received

CVE-2022-22539 6.5 - Medium - February 09, 2022

When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.

Improper Input Validation

When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received

CVE-2022-22538 6.5 - Medium - February 09, 2022

When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.

Improper Input Validation

When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received

CVE-2022-22537 6.5 - Medium - February 09, 2022

When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.

Improper Input Validation

When a user opens manipulated Jupiter Tessellation (.jt) file received

CVE-2021-42070 3.3 - Low - December 14, 2021

When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application

Improper Input Validation

When a user opens manipulated Tagged Image File Format (.tif) file received

CVE-2021-42069 3.3 - Low - December 14, 2021

When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application

Memory Corruption

When a user opens a manipulated GIF (.gif) file received

CVE-2021-42068 3.3 - Low - December 14, 2021

When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Improper Input Validation

When a user opens manipulated files received

CVE-2021-38174 6.5 - Medium - September 14, 2021

When a user opens manipulated files received from untrusted sources in SAP 3D Visual Enterprise Viewer version - 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes out of bounds write

CVE-2021-33681 6.5 - Medium - July 14, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes out of bounds write and causes the application to crash and becoming temporarily unavailable until the user restarts the application.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow

CVE-2021-33680 6.5 - Medium - July 14, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application.

Classic Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-33661 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-33660 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-33659 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27643 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27642 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27641 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27640 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27639 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-27638 5.5 - Medium - June 09, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

When a user opens manipulated Graphics Interchange Format (.GIF) files received

CVE-2021-27593 3.3 - Low - March 22, 2021

When a user opens manipulated Graphics Interchange Format (.GIF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Windows Bitmap (.BMP) files received

CVE-2021-27594 3.3 - Low - March 22, 2021

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Portable Document Format (.PDF) files received

CVE-2021-27595 3.3 - Low - March 22, 2021

When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received

CVE-2021-27596 3.3 - Low - March 22, 2021

When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Graphics Interchange Format (.GIF) format files received

CVE-2021-21493 3.3 - Low - March 09, 2021

When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated PhotoShop Document (.PSD) format files received

CVE-2021-27584 3.3 - Low - March 09, 2021

When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Computer Graphics Metafile (.CGM) format files received

CVE-2021-27585 7.8 - High - March 09, 2021

When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Interchange File Format (.IFF) format files received

CVE-2021-27586 7.8 - High - March 09, 2021

When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Jupiter Tessellation (.JT) format files received

CVE-2021-27587 7.8 - High - March 09, 2021

When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated HPGL format files received

CVE-2021-27588 7.8 - High - March 09, 2021

When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Scalable Vector Graphics (.SVG) format files received

CVE-2021-27589 7.8 - High - March 09, 2021

When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Tag Image File Format (.TIFF) format files received

CVE-2021-27590 7.8 - High - March 09, 2021

When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Portable Document Format (.PDF) format files received

CVE-2021-27591 7.8 - High - March 09, 2021

When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

When a user opens manipulated Universal 3D (.U3D) files received

CVE-2021-27592 7.8 - High - March 09, 2021

When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21449 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21450 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21451 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SGI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21452 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21453 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21454 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21455 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21456 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21457 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21458 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Buffer Overflow

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21459 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21460 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21461 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21462 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21463 8.8 - High - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Out-of-bounds Read

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2021-21464 4.3 - Medium - January 12, 2021

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-26817 7.8 - High - November 10, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows an user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version 9

CVE-2020-6315 5.5 - Medium - October 20, 2020

SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer, leading to Information Disclosure.

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6372 7.8 - High - October 15, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6373 7.8 - High - October 15, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6374 7.8 - High - October 15, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Out-of-bounds Read

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6375 5.5 - Medium - October 15, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Computer Graphics Metafile (.cgm) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6376 5.5 - Medium - October 15, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Hemisphere Binary (.rh) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6343 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6342 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6341 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Out-of-bounds Read

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6340 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6339 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6338 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RH file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6337 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6336 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6335 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Memory Corruption

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6334 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation

SAP 3D Visual Enterprise Viewer, version - 9

CVE-2020-6333 4.3 - Medium - September 09, 2020

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Improper Input Validation