CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2015-6948 – Corel WordPerfect Heap Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6948
02 Sep 2015 — Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document. Desbordamiento de buffer basado en memoria dinámica en la funcionalidad conversión de documento en Corel WordPerfect, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Corel WordPerfect. User intera... • http://www.securitytracker.com/id/1033559 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 5EXPL: 3CVE-2014-8393 – CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8393
13 Jan 2015 — DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. Existe una vulnerabilidad de secuestro de DLL en CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 y Corel PDF Fusion. Various Corel software suffers from a DLL hijacking vulnerability. When a file associated with the Corel software is opened, the directory of that document is first used to locate DLLs, which could allow an attacker to execute arbi... • https://packetstorm.news/files/id/129922 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 7%CPEs: 1EXPL: 1CVE-2014-8398 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8398
13 Jan 2015 — Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed. Múltiples vulnerabilidades de ruta de búsqueda no confiable en Corel FastFlick permiten a usuarios locales ejecutar ... • https://packetstorm.news/files/id/129922 •
CVSS: 7.3EPSS: 7%CPEs: 1EXPL: 1CVE-2014-8396 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8396
13 Jan 2015 — Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed. Vulnerabilidad de ruta de búsqueda no confiable en Corel PDF Fusion permite a usuarios locales ejecutar código arbitrario y realizar ataques del secuestro de DLL a través de un fichero quserex.dll troyano que se ubica en la misma carpeta que el fichero siendo procesado. Variou... • https://packetstorm.news/files/id/129922 •
CVSS: 7.3EPSS: 7%CPEs: 1EXPL: 1CVE-2014-8394 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8394
13 Jan 2015 — Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory. Múltiples vulnerabilidades de ruta de búsqueda no confiable en Corel CAD 2014 permiten a usuarios locales ejecutar código arbitrario y realizar ataques del secuestro de DLL a través de un fichero (1) FxManagedCommands_3.08_9.tx o (2) TD_Mgd_3.08_9.dll tr... • https://packetstorm.news/files/id/129922 •
CVSS: 7.3EPSS: 7%CPEs: 2EXPL: 1CVE-2014-8397 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8397
13 Jan 2015 — Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed. Vulnerabilidad de ruta de búsqueda no confiable en Corel VideoStudio PRO X7 o FastFlick permite a usuarios locales ejecutar código arbitrario y realizar ataques del secuestro de DLL a través de un fichero u32ZLib.dll troyano que se ubica en la misma carpet... • https://packetstorm.news/files/id/129922 •
CVSS: 7.3EPSS: 7%CPEs: 1EXPL: 1CVE-2014-8395 – Corel Software DLL Hijacking
https://notcve.org/view.php?id=CVE-2014-8395
13 Jan 2015 — Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed. Vulnerabilidad de ruta de búsqueda no confiable en Corel Painter 2015 permite a usuarios locales ejecutar código arbitrario y realizar ataques del secuestro de DLL a través de un fichero wacommt.dll troyano que se ubica en la misma carpeta que el fichero siendo procesado. Va... • https://packetstorm.news/files/id/129922 •
CVSS: 9.3EPSS: 7%CPEs: 2EXPL: 0CVE-2013-0733
https://notcve.org/view.php?id=CVE-2013-0733
05 Jun 2014 — Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file. Vulnerabilidad de búsqueda de ruta no confiable en Corel PaintShop Pro X5 y X6 16.0.0.113, 15.2.0.2 y anteriores permite a usuarios locales ejecutar código arbitrario y realizar ataques de secuestro de DLL a través de un caballo de troya dwmapi.dll ... • http://osvdb.org/98163 •
CVSS: 9.8EPSS: 76%CPEs: 1EXPL: 2CVE-2013-0742 – Corel PDF Fusion - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-0742
03 Oct 2013 — Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. Desbordamiento de buffer basado en pila en Corel PDF Fusion 1.11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (cuelgue de la aplicación) a través de un directorio largo ZIP con nombre de entrada en un archivo XPS. • https://www.exploit-db.com/exploits/26805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 58%CPEs: 1EXPL: 2CVE-2013-3248 – Corel PDF Fusion - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-3248
12 Jul 2013 — Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. Vulnerabilidad de búsqueda de ruta no confiable en Corel PDF Fusion 1.11 permite a usuarios locales obtener privilegios a través de un caballo de troya en el archivo wintab32.dll del directorio de trabajo actual, como lo demuestra un directorio que contiene un archivo .pdf o ... • https://packetstorm.news/files/id/122382 •