PT-2021-2780 · Cscape · Cscape

Sharon Brizinov · Published 2021-04-23 · Updated 2022-10-24 · CVE-2021-22678

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Cscape versions prior to 9.90 SP4

Description: The issue is related to insufficient validation of user-supplied data when parsing project files, potentially leading to memory corruption. This could allow an attacker to execute code in the context of the current process. The vulnerability can be exploited by a remote attacker to execute arbitrary code.

Recommendations: For versions prior to 9.90 SP4, update to version 9.90 SP4 or later to resolve the issue. As a temporary workaround, consider restricting the input of user-supplied data to minimize the risk of exploitation.

Fix

RCE

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2021-02323
CVE-2021-22678

Affected Products

Cscape