CNNVD-202509-2655 Information

CNNVD ID

CNNVD-202509-2655

Related CVE

CVE-2025-7983

• CNNVD Published: 2025-09-17

Description (Chinese)

Ashlar-Vellum Graphite是Ashlar-Vellum公司的一款 CAD 建模软件。 Ashlar-Vellum Graphite存在安全漏洞，该漏洞源于VC6文件解析过程中未正确验证用户提供数据的长度，可能导致堆缓冲区溢出和远程代码执行。

Description (English)

Ashlar-Vellum Graham is a CAD modeling software for Ashlar-Vellum. There is a security loophole in Ashlar-Vellum Grahame, which stems from the incorrect verification of the length of data provided by users during the analysis of the VC6 file, which may result in spills over the buffer zone and remote code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ashlar-Vellum

Published

2025-09-17

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-635/