Cscape (All versions prior to 9.90 SP3.5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process.
[
{
"product": "Cscape",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 9.90 SP3.5"
}
]
}
]