Google Sketchup fails to validate the input when parsing an crafted skp file with Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
CVE Link
Exploit Platform
Exploit Type
Product Name