Canva Affinity Out-of-Bounds Read Vulnerability in EMF Functionality

Vulnerability

An out-of-bounds read vulnerability has been identified in the EMF processing of Canva Affinity version 3.0.1.3808. A specially crafted EMF file can trigger it through the way intercharacter spacing is handled in the 'EMR_EXTTEXTOUTA' record, potentially leading to the disclosure of sensitive information.

Impact

Exploitation of this vulnerability allows for arbitrary memory reading within the process, which could result in the unauthorized disclosure of sensitive information.

Reproduction

The vulnerability can be reproduced by creating an EMF file that exploits the out-of-bounds read condition. This crafted file should be opened in Canva Affinity 3.0.1.3808 with pageheap debugging enabled, which will reveal the memory access violation caused by the vulnerability.

Remediation

Users are advised to upgrade to the latest version of Canva Affinity available from the Affinity website.
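Until the upgrade is deployed, incoming EMF files can be screened for EMR_EXTTEXTOUTA records whose string or intercharacter spacing array does not fit inside the record. The following is an added example, not code from the advisory or the vendor. The advisory does not state the exact root cause, so this is a generic structural check; the function names are hypothetical, and the field offsets assume the fixed EMRTEXT layout from wingdi.h with offsets measured from the start of the record.

```python
import struct

EMR_EOF, EMR_EXTTEXTOUTA = 14, 83  # record types from MS-EMF
ETO_PDY = 0x2000   # option flag: spacing array holds (dx, dy) pairs
FIXED_LEN = 76     # bytes up to and including offDx (wingdi.h EMRTEXT layout, assumed)

def check_exttextouta(rec):
    """Return structural problems found in one EMR_EXTTEXTOUTA record."""
    if len(rec) < FIXED_LEN:
        return ["record shorter than its fixed fields"]
    n_chars, off_string, options = struct.unpack_from("<III", rec, 44)
    (off_dx,) = struct.unpack_from("<I", rec, 72)
    problems = []
    # Offsets are relative to the start of the record and must stay inside it.
    if n_chars and (off_string < FIXED_LEN or off_string + n_chars > len(rec)):
        problems.append("string outside record")
    dx_len = 4 * n_chars * (2 if options & ETO_PDY else 1)
    # Assumption: offDx == 0 means no spacing array is supplied.
    if n_chars and off_dx and (off_dx < FIXED_LEN or off_dx % 4
                               or off_dx + dx_len > len(rec)):
        problems.append("spacing array outside record")
    return problems

def scan_emf(data):
    """Walk the record stream; return (offset, problem) pairs."""
    findings, pos = [], 0
    while pos + 8 <= len(data):
        rtype, size = struct.unpack_from("<II", data, pos)
        if size < 8 or size % 4 or pos + size > len(data):
            findings.append((pos, "bad record size"))
            break
        if rtype == EMR_EXTTEXTOUTA:
            findings += [(pos, p) for p in check_exttextouta(data[pos:pos + size])]
        if rtype == EMR_EOF:
            break
        pos += size
    return findings

def build_record(text, off_dx, options=0):
    """Constructed fixture: one EMR_EXTTEXTOUTA record, one Dx entry per char."""
    n = len(text)
    body = text + b"\0" * (-n % 4) + struct.pack("<%dI" % n, *([10] * n))
    fixed = struct.pack("<II4iI2f2iIII4iI", EMR_EXTTEXTOUTA, FIXED_LEN + len(body),
                        0, 0, 0, 0, 1, 1.0, 1.0, 0, 0, n, FIXED_LEN, options,
                        0, 0, 0, 0, off_dx)
    return fixed + body

if __name__ == "__main__":
    # Constructed sample: a consistent record followed by an inconsistent one.
    print(scan_emf(build_record(b"Hello", 84) + build_record(b"Hello", 100)))
```

A file that produces findings can be quarantined or routed to a patched host rather than opened in the affected version.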

Added: Mar 17, 2026, 7:37 PM
Updated: Mar 17, 2026, 7:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 5.6
remediation: 0.0
relevance: 4.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.