Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share Out-of-bounds Write

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

跨界内存写

Ashlar-Vellum多款产品 缓冲区错误漏洞

Ashlar-Vellum Xenon等都是Ashlar-Vellum公司的产品。Ashlar-Vellum Xenon是一款 CAD 建模软件。Ashlar-Vellum Cobalt是一种基于参数的计算机辅助设计和 3D 建模程序。Ashlar-Vellum Argon是一款2D制图和3D建模软件。 Ashlar-Vellum多款产品存在缓冲区错误漏洞，该漏洞源于解析CO文件时缺少用户输入验证，可能导致越界写入和执行任意代码。以下产品及版本受到影响：Cobalt、Xenon、Argon、Lithium

N/A

N/A