CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38109
https://notcve.org/view.php?id=CVE-2021-38109
01 Oct 2021 — Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CDR file. Corel DrawStandard 2020 versión 22.0.0.474, está afectado por una vulnerabilidad de lectura fuera de límites cuando analiza un archivo diseñado. Un atacante no ... • https://www.fortiguard.com/zeroday/FG-VD-21-038 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9043
https://notcve.org/view.php?id=CVE-2016-9043
24 Apr 2018 — An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability. Existe una vulnerabilidad de escritura fuera de límites en la funcionalidad de análisis EMF de CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). Un archivo EMF especial... • http://www.securityfocus.com/bid/99900 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2803
https://notcve.org/view.php?id=CVE-2017-2803
24 Apr 2018 — A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version. Existe una vulnerabilidad de escritura fuera de límites remota en la funcionalidad de análisis sintáctico de TIFF de Core PHOTO-PAINT X8 18.1.0.661. • http://www.securityfocus.com/bid/99900 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8730
https://notcve.org/view.php?id=CVE-2016-8730
24 Apr 2018 — An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability. Existe una vulnerabilidad de escritura fuera de límites/corrupción de memoria en la funcionalidad de análisis sintáctico de GIF de Core PHOTO-PAINT X8 18.1.0.661. Un archivo GIF... • http://www.securityfocus.com/bid/99900 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2804
https://notcve.org/view.php?id=CVE-2017-2804
24 Apr 2018 — A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. Existe una vulnerabilidad de escritura fuera de límites remota en la funcionalidad de análisis sintáctico de TIFF de Core PHOTO-PAINT X8 18.1.0.661. Un archivo TIFF especialmente manipulado puede provocar una vul... • http://www.securityfocus.com/bid/99900 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 3CVE-2014-8393 – CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8393
13 Jan 2015 — DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. Existe una vulnerabilidad de secuestro de DLL en CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 y Corel PDF Fusion. Various Corel software suffers from a DLL hijacking vulnerability. When a file associated with the Corel software is opened, the directory of that document is first used to locate DLLs, which could allow an attacker to execute arbi... • https://packetstorm.news/files/id/129922 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 95%CPEs: 2EXPL: 2CVE-2010-5240 – CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-5240
07 Sep 2012 — Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de path de búsqueda no confiable en Corel PHOTO-PAINT y CorelDRAW X5 v15.1.0.588, permite a usuario locales obt... • https://www.exploit-db.com/exploits/14786 •