Vendor: Corel
Products: 14
CVEs: 21
Across products: 27
Status: Private
Products: 14
- 4 CVEs
- 4 CVEs
- 4 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs: 21

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-8393 | High | 0.54 | 7.8 | 0.05 | | Aug 29, 2017 | DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. |
| CVE-2013-0742 | | 0.09 | — | 0.76 | | Oct 3, 2013 | Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. |
| CVE-2013-3248 | | 0.08 | — | 0.60 | | Oct 3, 2013 | Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. |
| CVE-2007-2366 | | 0.08 | — | 0.62 | | Apr 30, 2007 | Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. |
| CVE-2009-4251 | | 0.04 | — | 0.07 | | Dec 10, 2009 | Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366. |
| CVE-2007-2209 | | 0.04 | — | 0.19 | | Apr 24, 2007 | Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources. |
| CVE-2007-1735 | | 0.04 | — | 0.17 | | Mar 28, 2007 | Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a WordPerfect document. |
| CVE-2010-5240 | | 0.03 | — | 0.01 | | Sep 7, 2012 | Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information. |
| CVE-2009-2564 | | 0.03 | — | 0.00 | | Jul 21, 2009 | NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot. |
| CVE-2000-0193 | | 0.03 | — | 0.00 | | Mar 2, 2000 | The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. |
| CVE-2000-0195 | | 0.03 | — | 0.00 | | Feb 24, 2000 | setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. |
| CVE-2000-0194 | | 0.03 | — | 0.00 | | Feb 24, 2000 | buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. |
| CVE-2000-0048 | | 0.03 | — | 0.00 | | Jan 12, 2000 | get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. |
| CVE-2014-8398 | | 0.01 | — | 0.08 | | Jan 15, 2015 | Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed. |
| CVE-2014-8397 | | 0.01 | — | 0.08 | | Jan 15, 2015 | Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed. |
| CVE-2014-8396 | | 0.01 | — | 0.08 | | Jan 15, 2015 | Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed. |
| CVE-2014-8395 | | 0.01 | — | 0.08 | | Jan 15, 2015 | Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed. |
| CVE-2014-8394 | | 0.01 | — | 0.08 | | Jan 15, 2015 | Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory. |
| CVE-2007-2921 | | 0.01 | — | 0.09 | | Jun 14, 2007 | Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control before 7.1.4.19 allow remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2015-6948 | | 0.00 | — | 0.03 | | Sep 15, 2015 | Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document. |