Filtered by vendor Corel
Subscribe
Total
54 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38098 | 1 Corel | 1 Pdf Fusion | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-38100 | 1 Corel | 1 Photopaint 2020 | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. | |||||
| CVE-2021-38101 | 1 Corel | 1 Photopaint 2020 | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38099. | |||||
| CVE-2021-38102 | 1 Corel | 1 Presentations 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file. This is different from CVE-2021-38105. | |||||
| CVE-2021-38105 | 1 Corel | 1 Presentations 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file. This is different from CVE-2021-38102. | |||||
| CVE-2021-38106 | 1 Corel | 1 Presentations 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| UAX200.dll in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file. | |||||
| CVE-2021-38110 | 1 Corel | 1 Wordperfect 2020 | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious DOC file. | |||||
| CVE-2021-38107 | 1 Corel | 1 Coreldraw 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CDR file. | |||||
| CVE-2021-38108 | 1 Corel | 1 Wordperfect 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious DOC file. | |||||
| CVE-2021-38109 | 1 Corel | 1 Coreldraw 2020 | 2021-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CDR file. | |||||
| CVE-2012-4900 | 1 Corel | 1 Wordperfect Office X6 | 2020-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference | |||||
| CVE-2013-0733 | 1 Corel | 2 Paintshop Pro X5, Paintshop Pro X6 | 2019-07-18 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file. | |||||
| CVE-2019-6114 | 1 Corel | 1 Paintshop Pro 2019 | 2019-06-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code. | |||||
| CVE-2007-1735 | 1 Corel | 1 Wordperfect | 2018-10-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document. | |||||
| CVE-2009-2564 | 3 Adobe, Corel, Nos Microsystems | 3 Acrobat Reader, Getplus Download Manager, Getplus Download Manager | 2018-10-10 | 7.2 HIGH | N/A |
| NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot. | |||||
| CVE-2014-8398 | 1 Corel | 1 Fastflick | 2018-10-09 | 4.6 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed. | |||||
| CVE-2014-8397 | 1 Corel | 2 Fastflick, Videostudio Pro | 2018-10-09 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed. | |||||
| CVE-2014-8396 | 1 Corel | 1 Pdf Fusion | 2018-10-09 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed. | |||||
| CVE-2014-8395 | 1 Corel | 1 Painter | 2018-10-09 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed. | |||||
| CVE-2014-8394 | 1 Corel | 1 Corelcad | 2018-10-09 | 4.6 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory. | |||||