CVE-2018-3973

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0638 Exploit Third Party Advisory
http://www.securityfocus.com/bid/106809 Broken Link Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:canvasgfx:canvas_draw:5.0.0:*:*:*:*:mac:*:*

Information

Published : 2019-02-06 09:29

Updated : 2023-02-03 05:58


NVD link : CVE-2018-3973

Mitre link : CVE-2018-3973

Products Affected
No products.
CWE