CVE-2025-7979 in Graphiteinformación

Resumen

por MITRE • 2025-09-18

Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25463.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Divulgación

2025-09-18

Moderación

aceptado

Artículo

VDB-317308

CPE

listo

EPSS

0.00206

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!