Description
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
INFO
Published Date :
2025-02-04T22:15:45.778Z
Last Modified :
2025-02-05T19:40:57.967Z
Source :
icscert
AFFECTED PRODUCTS
The following products are affected by CVE-2023-39943 vulnerability.
| Vendors | Products |
|---|---|
| Ashlar |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2023-39943.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact