Vulnerabilities > CVE-2021-38099 - Out-of-bounds Write vulnerability in Corel Photopaint 2020 22.0.0.474

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
corel
CWE-787
critical

Summary

CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38101.

Vulnerable Configurations

Part Description Count
Application
Corel
1

Common Weakness Enumeration (CWE)