Vulnerabilities > CVE-2018-3981 - Out-of-bounds Write vulnerability in Canvasgfx Canvas Draw 5.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Talos
id | TALOS-2018-0649 |
last seen | 2019-05-29 |
published | 2019-01-30 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0649 |
title | ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability |
References
- http://www.securityfocus.com/bid/106809
- http://www.securityfocus.com/bid/106809
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0649
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0649
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0651
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0651