CNNVD-202601-4199 Information
Jan 23, 2026
cve
CNNVD ID
CNNVD-202601-4199
Related CVE
- CNNVD Published: 2026-01-23
Description (Chinese)
Trimble SketchUp是美国Trimble公司的一套面向建筑师、城市规划专家、制片人、游戏开发者以及相关专业人员的3D建模程序。 Trimble SketchUp存在资源管理错误漏洞,该漏洞源于解析SKP文件时缺少对对象存在性的验证,可能导致释放后重用和远程代码执行。
Description (English)
Trimble SketchUp is a 3D modelling program for architects, urban planners, producers, game developers and relevant professionals from Trimble, USA. Trimble SketchUp has a resource management error loophole, which results from the lack of validation of the object ’ s existence when the SKP file is deciphered, which may lead to re-use and remote code execution after release.
Hazard Level
Medium
Vulnerability Type
资源管理错误
Affected Vendor
Trimble
Published
2026-01-23
Last Modified
2026-02-24
References
https://www.zerodayinitiative.com/advisories/ZDI-25-1198/
Patch
https://sketchup.trimble.com/zh-cn
Share on: