RSS   Vulnerabilities for 'Pdf fusion'   RSS

2021-10-01
 
CVE-2021-38098

CWE-787
 

 
Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

 
 
CVE-2021-38097

CWE-787
 

 
Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

 
 
CVE-2021-38096

CWE-787
 

 
Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

 
2017-08-28
 
CVE-2014-8393

CWE-427
 

 
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

 
2015-01-15
 
CVE-2014-8396

CWE-Other
 

 
Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed.

 
2013-10-03
 
CVE-2013-3248

CWE-Other
 

 
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.

 
 
CVE-2013-0742

CWE-119
 

 
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.

 

 >>> Vendor: Corel 24 Products
Linux
Wordperfect
Paint shop pro
Activecgm browser
Getplus download manager
Coreldraw x5
Photo-paint x3
Pdf fusion
Quattro pro x6
Paintshop pro x5
Paintshop pro x6
Corelcad
Painter
Fastflick
Videostudio pro
Coreldraw
Coreldraw photo paint
Coreldraw photo paint x8
Paintshop pro 2019
Wordperfect office x6
Coreldraw 2020
Wordperfect 2020
Presentations 2020
Photopaint 2020


Copyright 2024, cxsecurity.com

 

Back to Top