PT-2021-23501 · Sap · Sap 3D Visual Enterprise Viewer

Mat Powell

Published

2021-12-14

Updated

2022-07-12

CVE-2021-42069

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9.0

Description The issue occurs when a user opens a manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer. This causes the application to crash and become temporarily unavailable to the user until the application is restarted.

Recommendations For SAP 3D Visual Enterprise Viewer version 9.0, consider avoiding the use of .tif files from untrusted sources until a patch is available. As a temporary workaround, restrict the opening of .tif files in the application to minimize the risk of exploitation.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-42069

ZDI-21-1551

Affected Products

Sap 3D Visual Enterprise Viewer

PT-2021-23501 · Sap · Sap 3D Visual Enterprise Viewer

CVE-2021-42069

Weakness Enumeration

Related Identifiers

Affected Products

References · 7