Vulnerabilities > CVE-2010-5240 - Unspecified vulnerability in Corel Coreldraw X5 and Photo-Paint X3
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description CorelDRAW X3 v13.0.0.576 DLL Hijacking Exploit (crlrib.dll). CVE-2010-5240,CVE-2014-8393. Local exploit for windows platform id EDB-ID:14786 last seen 2016-02-01 modified 2010-08-25 published 2010-08-25 reporter LiquidWorm source https://www.exploit-db.com/download/14786/ title CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit crlrib.dll description Corel PHOTO-PAINT X3 v13.0.0.576 DLL Hijacking Exploit (crlrib.dll). CVE-2010-5240,CVE-2014-8393. Local exploit for windows platform id EDB-ID:14787 last seen 2016-02-01 modified 2010-08-25 published 2010-08-25 reporter LiquidWorm source https://www.exploit-db.com/download/14787/ title Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit crlrib.dll