CVE-2025-7992— Ashlar-Vellum Cobalt 缓冲区错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-7992の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25972.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
跨界内存读
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Ashlar-Vellum Cobalt 缓冲区错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Ashlar-Vellum Cobalt是Ashlar-Vellum公司的一种基于参数的计算机辅助设计和 3D 建模程序。 Ashlar-Vellum Cobalt存在缓冲区错误漏洞,该漏洞源于解析AR文件时缺乏对用户提供数据的适当验证,可能导致越界读取和执行任意代码。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Ashlar-Vellum | Cobalt | 12 SP1 | - |
II. CVE-2025-7992の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-7992のインテリジェンス情報
お願いします ログイン より多くのインテリジェンス情報を見る
Same Patch Batch · Ashlar-Vellum · 2025-09-17 · 30 CVEs total
| CVE-2025-7997 | Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerabilit | |
| CVE-2025-8003 | Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerabilit | |
| CVE-2025-8002 | Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2025-8006 | Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerabilit | |
| CVE-2025-8004 | Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerabilit | |
| CVE-2025-8005 | Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2025-8000 | Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2025-8001 | Ashlar-Vellum Cobalt CO File Parsing Memory Corruption Remote Code Execution Vulnerability | |
| CVE-2025-7984 | Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerab | |
| CVE-2025-7995 | Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability | |
| CVE-2025-7993 | Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2025-7991 | Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerabili | |
| CVE-2025-7986 | Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerab | |
| CVE-2025-7988 | Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerab | |
| CVE-2025-7980 | Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerab | |
| CVE-2025-7983 | Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution V | |
| CVE-2025-7987 | Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerab | |
| CVE-2025-7981 | Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulne | |
| CVE-2025-7982 | Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability | |
| CVE-2025-7996 | Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerabili |
Showing 20 of 30 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Cobalt
- CVE-2025-65085
Heap-based Buffer Overflow in Ashlar-Vellum Cobalt, Xenon, A - CVE-2025-65084
Out-of-bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, L - CVE-2025-11465
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote C - CVE-2025-11464
Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overf - CVE-2025-11463
Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote
同じベンダー: Ashlar-Vellum
- CVE-2025-65085
Heap-based Buffer Overflow in Ashlar-Vellum Cobalt, Xenon, A - CVE-2025-65084
Out-of-bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, L - CVE-2025-11465
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote C - CVE-2025-11464
Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overf - CVE-2025-11463
Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote
同じ弱点: CWE-125
- CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-3508
ASUS System Control Interface 缓冲区错误漏洞 - CVE-2026-8088
OSGeo gdal GDapi.c GDfieldinfo out-of-bounds
V. CVE-2025-7992へのコメント
まだコメントはありません