2 matches found
Heap overflow
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and...
CVE-2018-3857
Canvas Draw 4.0.0 contains a heap-based buffer overflow in TIFF parsing that allows overwriting memory and executing code when processing a crafted TIFF image. This is the core issue described across multiple sources (e.g., CNVD entries) linking to CVE-2018-3857. Practical impact: attacker-suppli...