Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-3871

EPSS 0.34% · P56
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-3871

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3870.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存写
Source: NVD (National Vulnerability Database)
Vulnerability Title
ACD Systems Canvas Draw 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ACD Systems Canvas Draw是美国ACD Systems公司的一款图形编辑工具,它主要用于创建和编辑图像等。 ACD Systems Canvas Draw 4.0.0版本中的PCX解析功能存在安全漏洞。攻击者可通过发送特制的PCX图像利用该漏洞覆盖任意数据,执行代码(越界写入)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
ACD SystemsCanvas Draw ACD Systems Canvas Draw 4.0.0 -

II. Public POCs for CVE-2018-3871

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-3871

登录查看更多情报信息。

Same Patch Batch · ACD Systems · 2018-07-19 · 6 CVEs total

CVE-2018-3857ACD Systems Canvas Draw 缓冲区错误漏洞
CVE-2018-3858ACD Systems Canvas Draw 缓冲区错误漏洞
CVE-2018-3859ACD Systems Canvas Draw 缓冲区错误漏洞
CVE-2018-3860ACD Systems Canvas Draw 缓冲区错误漏洞
CVE-2018-3870ACD Systems Canvas Draw 缓冲区错误漏洞

IV. Related Vulnerabilities

Same product: Canvas Draw
Same vendor: ACD Systems
Same weakness: CWE-787

V. Comments for CVE-2018-3871

No comments yet

Leave a comment