CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

Risk: High
Local: Yes
Remote: No

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: Affected version: (X7) - 32bit/64bit (EN) (X5) - 32bit (EN) Summary: CorelDRAW is one of the image-creating programs in a suite of graphic arts software used by professional artists, educators, students, businesses and the general public. The CorelDRAW Graphics Suite X7, which includes CorelDRAW, is sold as stand-alone software and as a cloud-based subscription. CorelDRAW is the core of the graphics suite and is primarily used for vector illustrations and page layouts. Desc: CorelDRAW is prone to an off-by-one memory corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious CDR file to execute arbitrary code and/or to cause denial-of-service conditions. --- eax=13921178 ebx=00000003 ecx=00000000 edx=138fa270 esi=13c41e78 edi=00000002 eip=5fea43e4 esp=001eca8c ebp=131f67b8 iopl=0 nv up ei ng nz ac pe cy cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210297 CdrTxt!WStyleList::EndLoad+0x74: 5fea43e4 8b01 mov eax,dword ptr [ecx] ds:002b:00000000=???????? --- Tested on: Microsoft Windows 7 Professional SP1 (EN) Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2014-5204 Advisory URL: 27.10.2014 --- PoC: -


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024,


Back to Top