PT-2021-14559 · Sap · Sap 3D Visual Enterprise Viewer

Xina1I

Published

2021-03-09

Updated

2021-03-19

CVE-2021-21493

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9

Description The issue occurs when a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer. This causes the application to crash and become temporarily unavailable to the user until it is restarted.

Recommendations For SAP 3D Visual Enterprise Viewer version 9, avoid opening .GIF files from untrusted sources to minimize the risk of exploitation. As a temporary workaround, consider restricting the use of the .GIF file parsing functionality until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-21493

ZDI-21-289

ZDI-21-290

ZDI-21-291

ZDI-21-293

ZDI-21-295

ZDI-21-296

ZDI-21-297

ZDI-21-300

ZDI-21-301

ZDI-21-302

ZDI-21-303

ZDI-21-304

ZDI-21-305

ZDI-21-307

ZDI-21-308

ZDI-21-309

Affected Products

Sap 3D Visual Enterprise Viewer

PT-2021-14559 · Sap · Sap 3D Visual Enterprise Viewer

CVE-2021-21493

Related Identifiers

Affected Products

References · 22