Intrusion PreventionSketchup.MAC.Pict.Material.Palette.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Sketchup.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted .skp file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted .skp file.
Affected Products
SketchUp 8 - Maintenance 5 - Win 8.0.16846 Mac 8.0.16845
SketchUp 8 - Maintenance 4 - Win 8.0.15158 Mac 8.0.15157
SketchUp 8 - Maintenance 3
SketchUp 8 - Maintenance 2
SketchUp 8 - Maintenance 1
SketchUp 8
SketchUp 7.1 - Maintenance 2
SketchUp 7.1 - Maintenance 1
SketchUp 7.1
SketchUp 7 - Maintenance 1
SketchUp Pro 6 - Maintenance 6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version available from the website.
http://www.sketchup.com/products/sketchup-pro/new-in-2013
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 35959 |
| Created | Jul 09, 2013 |
| Updated | Jun 07, 2022 |
| Risk |
|
| CVE ID | CVE-2013-3662 CVE-2013-3664 |
| Exploit Prediction Score | 69.83% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |