Vulnerabilities > CVE-2012-4728 - NULL Pointer Dereference Denial of Service vulnerability in Corel Quattro PRO X6 16.0.0.388

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
corel

Summary

The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file. Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"

Vulnerable Configurations

Part Description Count
Application
Corel
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/120713/corelquattropro-dereference.txt
idPACKETSTORM:120713
last seen2016-12-05
published2013-03-08
reporterHigh-Tech Bridge SA
sourcehttps://packetstormsecurity.com/files/120713/Corel-Quattro-Pro-X6-Standard-Edition-NULL-Pointer-Dereference.html
titleCorel Quattro Pro X6 Standard Edition NULL Pointer Dereference