CNNVD-202511-2722 Information
CNNVD ID
CNNVD-202511-2722
Related CVE
- CNNVD Published: 2025-11-25
Description (Chinese)
Ashlar-Vellum Xenon等都是Ashlar-Vellum公司的产品。Ashlar-Vellum Xenon是一款 CAD 建模软件。Ashlar-Vellum Cobalt是一种基于参数的计算机辅助设计和 3D 建模程序。Ashlar-Vellum Argon是一款2D制图和3D建模软件。 Ashlar-Vellum多款产品存在缓冲区错误漏洞,该漏洞源于越界写入,可能导致信息泄露或执行任意代码。以下产品及版本受到影响:Ashlar-Vellum Cobalt、Xenon、Argon、Lithium和Cobalt Share 12.6.1204.207及之前版本。
Description (English)
Ashlar-Vellem Xenon and others are the products of Ashlar-Vellum. Ashlar-Vellam Xenon is a CAD modeling software. Ashlar-Vellam Cobalt is a parameter-based computer-aided design and 3D modelling program. Ashlar-Vellum Argon is a 2D mapping and 3D modelling software. Ashlar-Vellam ’ s multiple products had a buffer zone error loophole, which originated in cross-border writing and could lead to information leaks or arbitrary code enforcement. The following products and versions were affected: Ashlar-Vellam Cobalt, Xenon, Argon, Lithium and Cobalt Share 12.6.12204.207 and earlier.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
Ashlar-Vellum
Published
2025-11-25
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-01 https://access.redhat.com/security/cve/cve-2025-65084
Patch
https://ashlar.com/products/cad-and-3d-modeling-trial-download.html
Share on: