CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38098
https://notcve.org/view.php?id=CVE-2021-38098
01 Oct 2021 — Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. Corel PDF Fusion versión 2.6.2.0, está afectado por una vulnerabilidad de corrupción de la pila cuando analiza un archivo diseñado. Un atacante no autenticado podría aprovecha... • https://www.fortiguard.com/zeroday/FG-VD-21-027 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38096
https://notcve.org/view.php?id=CVE-2021-38096
01 Oct 2021 — Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. La biblioteca Coreip.dll en Corel PDF Fusion versión 2.6.2.0, está afectada por una vulnerabilidad de escritura fuera de límites cuando analiza un archivo d... • https://www.fortiguard.com/zeroday/FG-VD-21-025 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38097
https://notcve.org/view.php?id=CVE-2021-38097
01 Oct 2021 — Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. Corel PDF Fusion versión 2.6.2.0, está afectado por una vulnerabilidad de escritura fuera de límites cuando analiza un archivo diseñado. Un atacante no autenticado podría... • https://www.fortiguard.com/zeroday/FG-VD-21-026 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 4%CPEs: 5EXPL: 3CVE-2014-8393 – CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8393
13 Jan 2015 — DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. Existe una vulnerabilidad de secuestro de DLL en CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 y Corel PDF Fusion. Various Corel software suffers from a DLL hijacking vulnerability. When a file associated with the Corel software is opened, the directory of that document is first used to locate DLLs, which could allow an attacker to execute arbi... • https://packetstorm.news/files/id/129922 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 7%CPEs: 1EXPL: 1CVE-2014-8396 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8396
13 Jan 2015 — Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed. Vulnerabilidad de ruta de búsqueda no confiable en Corel PDF Fusion permite a usuarios locales ejecutar código arbitrario y realizar ataques del secuestro de DLL a través de un fichero quserex.dll troyano que se ubica en la misma carpeta que el fichero siendo procesado. Variou... • https://packetstorm.news/files/id/129922 •
CVSS: 9.8EPSS: 77%CPEs: 1EXPL: 2CVE-2013-0742 – Corel PDF Fusion - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-0742
03 Oct 2013 — Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. Desbordamiento de buffer basado en pila en Corel PDF Fusion 1.11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (cuelgue de la aplicación) a través de un directorio largo ZIP con nombre de entrada en un archivo XPS. • https://www.exploit-db.com/exploits/26805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 50%CPEs: 1EXPL: 2CVE-2013-3248 – Corel PDF Fusion - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-3248
12 Jul 2013 — Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. Vulnerabilidad de búsqueda de ruta no confiable en Corel PDF Fusion 1.11 permite a usuarios locales obtener privilegios a través de un caballo de troya en el archivo wintab32.dll del directorio de trabajo actual, como lo demuestra un directorio que contiene un archivo .pdf o ... • https://packetstorm.news/files/id/122382 •