Description
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
INFO
Published Date :
2025-02-04T22:13:12.592Z
Last Modified :
2025-02-05T19:44:07.344Z
Source :
icscert
AFFECTED PRODUCTS
The following products are affected by CVE-2023-40222 vulnerability.
| Vendors | Products |
|---|---|
| Ashlar |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2023-40222.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact