High severity8.8NVD Advisory· Published Feb 22, 2016· Updated May 6, 2026

CVE-2016-2536

Description

Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be SketchUp.

Affected products

Google/Sketchup
cpe:2.3:a:google:sketchup:*:*:*:*:*:*:*:*
SAP/3d Visual Enterprise Viewer
cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/83307nvd
www.zerodayinitiative.com/advisories/ZDI-16-173nvd
www.zerodayinitiative.com/advisories/ZDI-16-174nvd
www.zerodayinitiative.com/advisories/ZDI-16-175nvd
www.zerodayinitiative.com/advisories/ZDI-16-176nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000