Vulnerabilities > Corel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-15 | CVE-2014-8396 | DLL Loading Arbitrary Code Execution vulnerability in Corel PDF Fusion 'quserex.dll' Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed. | 4.6 |
| 2015-01-15 | CVE-2014-8395 | DLL Loading Arbitrary Code Execution vulnerability in Corel Painter 2015 Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed. | 4.6 |
| 2015-01-15 | CVE-2014-8394 | DLL Loading Arbitrary Code Execution vulnerability in Corel Corelcad 2014 Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory. | 4.6 |
| 2014-06-05 | CVE-2012-4728 | NULL Pointer Dereference Denial of Service vulnerability in Corel Quattro PRO X6 16.0.0.388 The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file. network corel | 4.3 |
| 2012-09-07 | CVE-2010-5240 | Unspecified vulnerability in Corel Coreldraw X5 and Photo-Paint X3 Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. local corel | 6.9 |
| 2007-04-24 | CVE-2007-2209 | Buffer Overflow vulnerability in AccuSoft ImageGear Igcore15d.DLL Malformed CLP File Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. | 6.8 |