CVE-2023-35709
Ashlar-Vellum Cobalt is affected by a heap-based buffer overflow in the CO-file parser that can lead to remote code execution. The flaw stems from insufficient validation of user-supplied data length prior to heap copying, with exploitation requiring user interaction (visiting a malicious page or...