CVE-2022-29506

Name of the Vulnerable Software and Affected Versions V-SFT versions 6.1.3.0 and earlier

Description An out-of-bounds read issue exists in the simulator module of the graphic editor V-SFT, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file.

Recommendations For V-SFT versions 6.1.3.0 and earlier, consider disabling the simulator module until a patch is available to prevent potential exploitation. Restrict access to opening image files from untrusted sources to minimize the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.