CVE-2023-42101— Ashlar Incorporated Ashlar-Vellum Cobalt 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2023-42101の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-20418.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
跨界内存读
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Ashlar Incorporated Ashlar-Vellum Cobalt 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Ashlar Incorporated Ashlar-Vellum是Ashlar Incorporated公司的计算机辅助设计 (CAD) 和 3D 建模软件的开发平台。 Ashlar Incorporated Ashlar-Vellum Cobalt存在安全漏洞,该漏洞源于存在越界读取远程代码执行漏洞,允许远程攻击者在受影响的安装上执行任意代码。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Ashlar-Vellum | Cobalt | Ashlar-Vellum Cobalt 12 beta build 1204.61 | - |
II. CVE-2023-42101の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2023-42101のインテリジェンス情報
お願いします ログイン より多くのインテリジェンス情報を見る
Same Patch Batch · Ashlar-Vellum · 2024-05-03 · 38 CVEs total
| CVE-2023-34304 | Ashlar-Vellum Cobalt Out-Of-Bounds Access Remote Code Execution Vulnerability | |
| CVE-2023-34293 | Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| CVE-2023-34288 | Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerabi | |
| CVE-2023-34300 | Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution V | |
| CVE-2023-34289 | Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability | |
| CVE-2023-34306 | Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution | |
| CVE-2023-34290 | Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| CVE-2023-34292 | Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| CVE-2023-34286 | Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerabili | |
| CVE-2023-34310 | Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability | |
| CVE-2023-34311 | Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability | |
| CVE-2023-34303 | Ashlar-Vellum Cobalt Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-34305 | Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| CVE-2023-34291 | Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability | |
| CVE-2023-34309 | Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability | |
| CVE-2023-42103 | Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-42105 | Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2023-42102 | Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2023-42104 | Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-44439 | Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability |
Showing 20 of 38 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Cobalt
- CVE-2025-65085
Heap-based Buffer Overflow in Ashlar-Vellum Cobalt, Xenon, A - CVE-2025-65084
Out-of-bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, L - CVE-2025-11465
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote C - CVE-2025-11464
Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overf - CVE-2025-11463
Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote
同じベンダー: Ashlar-Vellum
- CVE-2025-65085
Heap-based Buffer Overflow in Ashlar-Vellum Cobalt, Xenon, A - CVE-2025-65084
Out-of-bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, L - CVE-2025-11465
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote C - CVE-2025-11464
Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overf - CVE-2025-11463
Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote
同じ弱点: CWE-125
- CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-3508
ASUS System Control Interface 缓冲区错误漏洞 - CVE-2026-8088
OSGeo gdal GDapi.c GDfieldinfo out-of-bounds
V. CVE-2023-42101へのコメント
まだコメントはありません