Vulnerabilities > Corel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-06-05 | CVE-2012-4728 | NULL Pointer Dereference Denial of Service vulnerability in Corel Quattro PRO X6 16.0.0.388 The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file. network corel | 4.3 |
| 2013-10-03 | CVE-2013-3248 | Stack Based Buffer Overflow vulnerability in Corel PDF Fusion 1.11 Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. | 9.3 |
| 2013-10-03 | CVE-2013-0742 | Buffer Errors vulnerability in Corel PDF Fusion 1.11 Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. | 9.3 |
| 2012-09-07 | CVE-2010-5240 | Unspecified vulnerability in Corel Coreldraw X5 and Photo-Paint X3 Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. local corel | 6.9 |
| 2009-12-10 | CVE-2009-4251 | Buffer Errors vulnerability in Corel Paint Shop PRO 8.10 Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. | 9.3 |
| 2009-07-21 | CVE-2009-2564 | Permissions, Privileges, and Access Controls vulnerability in multiple products NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. | 7.2 |
| 2007-06-14 | CVE-2007-2921 | Buffer Overflow vulnerability in Corel ActiveCGM Browser ActiveX Control Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control before 7.1.4.19 allow remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2007-04-30 | CVE-2007-2366 | Remote Buffer Overflow vulnerability in Corel Paint Shop PRO 11.20 Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | 7.4 |
| 2007-04-24 | CVE-2007-2209 | Buffer Overflow vulnerability in AccuSoft ImageGear Igcore15d.DLL Malformed CLP File Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. | 6.8 |
| 2007-03-28 | CVE-2007-1735 | Buffer Errors vulnerability in Corel Wordperfect 13.0.0.565 Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document. | 9.3 |