Filtered by vendor Corel
Subscriptions
Total
54 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-3248 | 1 Corel | 1 Pdf Fusion | 2024-09-17 | N/A |
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. | ||||
CVE-2017-2803 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2024-09-17 | N/A |
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version. | ||||
CVE-2010-5240 | 1 Corel | 2 Coreldraw X5, Photo-paint X3 | 2024-09-17 | N/A |
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information. | ||||
CVE-2013-0742 | 1 Corel | 1 Pdf Fusion | 2024-09-17 | N/A |
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. | ||||
CVE-2016-9043 | 1 Corel | 1 Coreldraw | 2024-09-16 | 7.8 High |
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability. | ||||
CVE-2017-2804 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2024-09-16 | N/A |
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. | ||||
CVE-2016-8730 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2024-09-16 | 7.8 High |
An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability. | ||||
CVE-2000-0194 | 1 Corel | 1 Linux | 2024-08-08 | N/A |
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | ||||
CVE-2000-0195 | 1 Corel | 1 Linux | 2024-08-08 | N/A |
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. | ||||
CVE-2000-0193 | 1 Corel | 1 Linux | 2024-08-08 | N/A |
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | ||||
CVE-2000-0048 | 1 Corel | 1 Linux | 2024-08-08 | N/A |
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | ||||
CVE-2007-2921 | 1 Corel | 1 Activecgm Browser | 2024-08-07 | N/A |
Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control before 7.1.4.19 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2007-2366 | 1 Corel | 1 Paint Shop Pro | 2024-08-07 | N/A |
Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | ||||
CVE-2007-2209 | 2 Accusoft, Corel | 2 Imagegear, Paint Shop Pro | 2024-08-07 | N/A |
Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources. | ||||
CVE-2007-1735 | 1 Corel | 1 Wordperfect | 2024-08-07 | N/A |
Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document. | ||||
CVE-2009-4251 | 1 Corel | 1 Paint Shop Pro | 2024-08-07 | N/A |
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366. | ||||
CVE-2009-2564 | 3 Adobe, Corel, Nos Microsystems | 3 Acrobat Reader, Getplus Download Manager, Getplus Download Manager | 2024-08-07 | N/A |
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot. | ||||
CVE-2012-4900 | 1 Corel | 1 Wordperfect Office X6 | 2024-08-06 | 5.5 Medium |
Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference | ||||
CVE-2012-4728 | 1 Corel | 1 Quattro Pro X6 | 2024-08-06 | N/A |
The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file. | ||||
CVE-2013-0733 | 1 Corel | 2 Paintshop Pro X5, Paintshop Pro X6 | 2024-08-06 | N/A |
Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file. |