Description
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
Active
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- Ashlar-Vellum / Argon0 – 12.6.1204.216
- Ashlar-Vellum / Cobalt0 – 12.6.1204.216
- Ashlar-Vellum / Cobalt Share0 – 12.6.1204.216
- Ashlar-Vellum / Lithium0 – 12.6.1204.216
- Ashlar-Vellum / Xenon0 – 12.6.1204.216