PT-2019-10736 · Acd Systems · Canvas Draw

Published: 2019-02-06 · Updated: 2023-02-03 · CVE-2018-3976

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Canvas Draw version 5.0.0.28

Description: The issue is related to an out-of-bounds write in the CALS Raster file format-parsing functionality. A specially crafted CAL image can cause an out-of-bounds write, allowing an attacker to overwrite arbitrary data and potentially gain code execution.

Recommendations: For version 5.0.0.28, consider avoiding the use of CAL images until a patch is available. As a temporary workaround, restrict the processing of CAL images via the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2018-3976

Affected Products

Canvas Draw