CVE-2023-39427

Name of the Vulnerable Software and Affected Versions Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share version 12 SP0 Build (1204.77)

Description The affected applications lack proper validation of user-supplied data when parsing XE files, which could lead to an out-of-bounds write. An attacker could leverage this issue to execute arbitrary code in the context of the current process.

Recommendations For version 12 SP0 Build (1204.77), consider disabling the parsing of XE files until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.