CNNVD-202509-2658 Information

CNNVD ID

CNNVD-202509-2658

Related CVE

CVE-2025-7980

• CNNVD Published: 2025-09-17

Description (Chinese)

Ashlar-Vellum Graphite是Ashlar-Vellum公司的一款 CAD 建模软件。 Ashlar-Vellum Graphite存在缓冲区错误漏洞，该漏洞源于VC6文件解析过程中缺乏对用户提供数据的适当验证，可能导致越界写入，从而在当前进程环境中执行任意代码。

Description (English)

Ashlar-Vellum Graham is a CAD modeling software for Ashlar-Vellum. Ashlar-Vellum Graham had a buffer zone error loophole, which stemmed from the lack of proper validation of data provided by users during the analysis of the VC6 document, which could lead to cross-border writing, thus enforcing any code in the current process environment.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

Ashlar-Vellum

Published

2025-09-17

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-631/