SAP.3D.VEV.CVE-2021-27595.Memory.Corruption

description-logoDescription

This indicates an attack attempt against a Memory Corruption vulnerability in SAP 3D Visual Enterprise Viewer.
The vulnerability is due to an improper boundary check condition in the application when handling a crafted PDF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted PDF file.

affected-products-logoAffected Products

SAP 3D Visual Enterprise Viewer, Version - 9

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-05-11 18.076 Name:FG-VD-21-015_SAP.
0day:SAP.
3D.
VEV.
CVE-2021-27595.
Memory.
Corruption
2021-05-04 18.072 Sig Added
2021-04-26 18.066 Default_action:pass:drop
2021-04-13 18.058