Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
CVE Link
Exploit Platform
Exploit Type
Product Name