CNNVD-202511-2721 Information
CNNVD ID
CNNVD-202511-2721
Related CVE
- CNNVD Published: 2025-11-25
Description (Chinese)
Ashlar-Vellum Xenon等都是Ashlar-Vellum公司的产品。Ashlar-Vellum Xenon是一款 CAD 建模软件。Ashlar-Vellum Cobalt是一种基于参数的计算机辅助设计和 3D 建模程序。Ashlar-Vellum Argon是一款2D制图和3D建模软件。 Ashlar-Vellum多款产品存在安全漏洞,该漏洞源于堆缓冲区溢出,可能导致信息泄露或执行任意代码。以下产品及版本受到影响:Ashlar-Vellum Cobalt、Xenon、Argon、Lithium和Cobalt Share 12.6.1204.207及之前版本。
Description (English)
Ashlar-Vellem Xenon and others are the products of Ashlar-Vellum. Ashlar-Vellam Xenon is a CAD modeling software. Ashlar-Vellam Cobalt is a parameter-based computer-aided design and 3D modelling program. Ashlar-Vellum Argon is a 2D mapping and 3D modelling software. There is a safety gap in the Ashlar-Vellum product, which stems from the spilling of the buffer zone, which could lead to the disclosure of information or the enforcement of random codes. The following products and versions were affected: Ashlar-Vellam Cobalt, Xenon, Argon, Lithium and Cobalt Share 12.6.12204.207 and earlier.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Ashlar-Vellum
Published
2025-11-25
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-01 https://access.redhat.com/security/cve/cve-2025-65085
Patch
https://ashlar.com/products/cad-and-3d-modeling-trial-download.html
Share on: