These vulnerabilities were discovered by Tyler Bohan of Cisco Talos

Today, Talos is disclosing several vulnerabilities that have been identified in Canvas Draw graphics editing tool for Macs.

Canvas Draw 4 is a graphics editing tool used to create and edit images, as well as other graphic-related material. This product has a large user base, and is popular in its specific field. The vulnerable component is in the handling of TIFF images. TIFF is a raster-based image format used in graphics editing projects, thus making it a very common file format for such an application.



Talos Group

Talos Security Intelligence & Research Group