SketchUp Flaw (Security)?
-
I don't know enough about the inner workings of computers to confirm this but I thought it might be of interest.
"The bad news that I have for you today is that Google SketchUp is unfortunately vulnerable to dangerous attacks. It is currently at risk due to the factor that the application fails to correctly do boundary checks, with regard to the input supplied by the user. The particular vulnerability that Google SketchUp suffers from is a buffer overflow vulnerability."
Anybody know more about this?
Should we care or is this just speculation?
-
it is a buffer overflow in the code that checks the .skp file (Sketchup, Layout, the thumbnailer in Explorer)
the idea is that you can run arbitrary code by looking to a malicious .skp fileI tried the .skp that should trigger the buffer overflow but I got only "Unexpected file format" error message.
Google is notified about the problem and a fix should come in the next update (after current 7.0.10247)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better đź’—
Register Login
Advertisement