GCVE - cpe:2.3:a:google:sketchup:7.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:google:sketchup:7.1:*:*:*:*:*:*:*

part: a version: 7.1 update: *

Vendor	Google (`f181d1eb-7269-5bae-b76e-e66ceb214562`)
Product	Sketchup (`42abe612-611d-54a5-bd88-c5cefe88dec7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-7388`	vulnerable	2026-06-03 14:33:35.668032	Details available Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and codebases (ADT1). Published: 2014-07-01T17:00:00.000Z Updated: 2024-08-06T18:09:16.240Z Open on db.gcve.eu Reference links http://www.binamuse.com/advisories/BINA-20130521B.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/84723 http://www.securityfocus.com/bid/60248 http://blog.binamuse.com/2013/05/multiple-vulnerabilities-on-sketchup.html http://secunia.com/advisories/53635	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3664`	vulnerable	2026-06-03 14:33:08.211020	Details available Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3662. NOTE: this issue was SPLIT due to different affected products and codebases (ADT1); CVE-2013-7388 has been assigned to the paintlib issue. Published: 2014-07-01T17:00:00.000Z Updated: 2024-08-06T16:14:56.582Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2013-06/0008.html http://www.binamuse.com/advisories/BINA-20130521A.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/84723 http://www.securityfocus.com/bid/60248 http://blog.binamuse.com/2013/05/multiple-vulnerabilities-on-sketchup.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3663`	vulnerable	2026-06-03 14:33:08.209353	Details available Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP. Published: 2014-06-13T14:00:00.000Z Updated: 2024-08-06T16:14:56.576Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2013-06/0007.html https://exchange.xforce.ibmcloud.com/vulnerabilities/84721 http://blog.binamuse.com/2013/05/multiple-vulnerabilities-on-sketchup.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-4894`	vulnerable	2026-06-03 14:32:26.080874	Details available Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file. Published: 2012-10-05T10:00:00.000Z Updated: 2024-08-06T20:50:18.128Z Open on db.gcve.eu Reference links http://osvdb.org/85570 http://technet.microsoft.com/security/msvr/msvr12-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/78676 http://support.google.com/sketchup/bin/static.py?page=release_notes.cs http://www.securityfocus.com/bid/55598	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-2478`	vulnerable	2026-06-03 14:31:08.457252	Details available Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file. Published: 2012-04-17T18:00:00.000Z Updated: 2024-08-06T23:00:34.101Z Open on db.gcve.eu Reference links http://technet.microsoft.com/en-us/security/msvr/msvr11-006 http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.