Google : Security Vulnerabilities, CVEs, Published In July 2014 (Overflow)
Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.
Max CVSS
5.1
EPSS Score
0.36%
Published
2014-07-02
Updated
2018-10-09
Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap (BMP). NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and codebases (ADT1).
Max CVSS
9.3
EPSS Score
28.36%
Published
2014-07-01
Updated
2017-08-29
Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of-bounds stack write. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3662. NOTE: this issue was SPLIT due to different affected products and codebases (ADT1); CVE-2013-7388 has been assigned to the paintlib issue.
Max CVSS
9.3
EPSS Score
61.11%
Published
2014-07-01
Updated
2017-08-29
Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-based buffer overflow.
Max CVSS
9.3
EPSS Score
69.83%
Published
2014-07-01
Updated
2017-08-29
4 vulnerabilities found