Corel PaintShop Pro X5 / X6 Insecure Library Loading Vulnerability

Last Update Date: 7 Oct 2013 12:07 Release Date: 7 Oct 2013 3141 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Graphics & Design

TYPE: Graphics & Design

A vulnerability has been identified in Corel PaintShop Pro X5 and X6, which can be exploited by malicious people to compromise a user's system.

The application loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening an e.g. ".jpg" file located on a remote WebDAV or SMB share.

The vulnerability is confirmed in versions 15.2.0.2 and 16.0.0.113. Other versions may also be affected.

Impact

  • Remote Code Execution

System / Technologies affected

  • Corel PaintShop Pro X5 15.x
  • Corel PaintShop Pro X5 16.x

Solutions

  • NOTE: Vulnerability has no patch available

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Chrome Multiple Vulnerabilities

3 Oct 2013 3252 Views

Next

Adobe Acrobat/Reader Scripting Code Execution Vulnerability

9 Oct 2013 3219 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY