VYPR
Unrated severityNVD Advisory· Published Jun 13, 2014· Updated Jun 16, 2026

CVE-2013-3663

CVE-2013-3663

Description

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed BMP.

Affected products

8
  • Google/Sketchup7 versions
    cpe:2.3:a:google:sketchup:6.0:maintenance_6:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:google:sketchup:6.0:maintenance_6:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:7.0:maintenance_1:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:7.1:maintenance_1:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:7.1:maintenance_2:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:sketchup:*:maintenance_1:*:*:*:*:*:*range: <=8.0
  • Trimble/Sketchupllm-fuzzy
    Range: < 8 Maintenance 3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.