Vulnerabilities > CVE-2013-3248 - Unspecified vulnerability in Corel PDF Fusion 1.11

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
corel
exploit available
metasploit
NVD
Published: 2013-10-03
Updated: 2024-11-21

Summary

Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.

Vulnerable Configurations

Part Description Count
Application
Corel
1

Exploit-Db

descriptionCorel PDF Fusion Stack Buffer Overflow. CVE-2013-0742,CVE-2013-3248. Local exploit for windows platform
fileexploits/windows/local/26805.rb
idEDB-ID:26805
last seen2016-02-03
modified2013-07-13
platformwindows
port
published2013-07-13
reportermetasploit
sourcehttps://www.exploit-db.com/download/26805/
titleCorel PDF Fusion Stack Buffer Overflow
typelocal

Metasploit

descriptionThis module exploits a stack-based buffer overflow vulnerability in version 1.11 of Corel PDF Fusion. The vulnerability exists while handling a XPS file with long entry names. In order for the payload to be executed, an attacker must convince the target user to open a specially crafted XPS file with Corel PDF Fusion. By doing so, the attacker can execute arbitrary code as the target user.
idMSF:EXPLOIT/WINDOWS/FILEFORMAT/CORELPDF_FUSION_BOF
last seen2020-06-03
modified2017-07-24
published2013-07-11
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb
titleCorel PDF Fusion Stack Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/122382/corelpdf_fusion_bof.rb.txt
idPACKETSTORM:122382
last seen2016-12-05
published2013-07-12
reporterjuan vazquez
sourcehttps://packetstormsecurity.com/files/122382/Corel-PDF-Fusion-Stack-Buffer-Overflow.html
titleCorel PDF Fusion Stack Buffer Overflow

Saint

bid61010
descriptionCorel PDF Fusion XPS File ZIP Directory Vulnerability
osvdb94933
titlecorel_pdf_fusion_xps_file_zip_dir
typeclient

References