PT-2023-16408 · Unknown · Cscape Envision Rv

Michael Heinzl · Published 2023-03-09 · Updated 2025-01-17 · CVE-2023-0623

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Cscape Envision RV version 4.60

Description: The issue arises from a lack of proper validation of user-supplied data when parsing project files, leading to an out-of-bounds write vulnerability. This could result in writes past the end of allocated data structures, allowing an attacker to execute arbitrary code in the context of the current process.

Recommendations: For Cscape Envision RV version 4.60, update to a version that includes proper validation of user-supplied data to prevent out-of-bounds writes. As a temporary workaround, consider restricting the parsing of project files from untrusted sources until a patch is available.

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2023-0623

Affected Products: Cscape Envision Rv