Page 5 of 54 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 4

08 Mar 2013 — The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file. Las funciones (1) QProGetNotebookWindowHandle y (2) Ordinal132 en QPW160.dll en Corel Quattro Pro X6 Standard Edition 16.0.0.388 y anteriores permiten a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída) a través de un... • https://packetstorm.news/files/id/120713 •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

08 Mar 2013 — Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference Corel WordPerfect Office X6 versión 16.0.0.388, presenta una vulnerabilidad de DoS por medio de una desreferencia de puntero no confiable. Corel WordPerfect version X6 Standard Edition suffers from an untrusted pointer dereference vulnerability. • https://packetstorm.news/files/id/120712 • CWE-787: Out-of-bounds Write •

CVSS: 7.3EPSS: 1%CPEs: 2EXPL: 2

07 Sep 2012 — Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de path de búsqueda no confiable en Corel PHOTO-PAINT y CorelDRAW X5 v15.1.0.588, permite a usuario locales obt... • https://www.exploit-db.com/exploits/14787 •

CVSS: 9.3EPSS: 7%CPEs: 1EXPL: 2

10 Dec 2009 — Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366. Desbordamiento de búfer basado en pila en Jasc Paint Shop Pro 8.10 (alias Corel Paint Shop Pro) permite a atacantes remotos asistidos por el usuario ejecutar código de su elección mediante un fichero PNG manipulado. NOTA: Esto puede causar el mismo problema que CVE-2007-2366. • https://www.exploit-db.com/exploits/10298 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 5

21 Jul 2009 — NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is... • https://www.exploit-db.com/exploits/9223 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 0

14 Jun 2007 — Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control before 7.1.4.19 allow remote attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en acgm.dll en el control ActiveX, Corel / Micrografx ActiveCGM Browser versiones anteriores a 7.1.4.19 permiten a atacantes remotos ejecutar código de su elección mediante vectores no especificados. • http://secunia.com/advisories/25672 •

CVSS: 7.8EPSS: 66%CPEs: 1EXPL: 1

30 Apr 2007 — Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. Desbordamiento de búfer en el Corel Paint Shop Pro 11.20 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante una imagen .PNG modificada. • https://www.exploit-db.com/exploits/3812 •

CVSS: 7.8EPSS: 15%CPEs: 2EXPL: 1

24 Apr 2007 — Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources. Un desbordamiento de búfer en igcore15d.dll versiones 15.1.2.0 y 15.2.0.0 para AccuSoft ImageGear, como es usado en Corel Paint Shop Pro Photo versión 11.20 y posiblemente otros productos, permite a atacantes rem... • https://www.exploit-db.com/exploits/3779 •

CVSS: 9.3EPSS: 12%CPEs: 1EXPL: 3

28 Mar 2007 — Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document. Desbordamiento de búfer basado en pila en Corel WordPerfect Office X3 (13.0.0.565) permite a atacantes remotos con intervención del usuario ejecutar código de su elección mediante un nombre de selección de impresora (PRS) largo en un documento Wordperfect. • https://www.exploit-db.com/exploits/3593 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

02 Mar 2000 — The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. • https://www.exploit-db.com/exploits/19787 •