Lucene search

[email protected]CVE-2013-0733

HistoryJun 05, 2014 - 8:55 p.m.

CVE-2013-0733

2014-06-0520:55:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2013-0733

vulnerability

corel paintshop pro

dll hijacking

security

nvd

7.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.

CPENameOperatorVersion
corel:paintshop_pro_x5corel paintshop pro x5le15.2.0.2
corel:paintshop_pro_x6corel paintshop pro x6le16.0.0.113

CPE	Name	Operator	Version
corel:paintshop_pro_x5	corel paintshop pro x5	le	15.2.0.2
corel:paintshop_pro_x6	corel paintshop pro x6	le	16.0.0.113

References

osvdb.org/98163

secunia.com/advisories/53618

www.securityfocus.com/bid/62836

exchange.xforce.ibmcloud.com/vulnerabilities/87763

7.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2013-0733

prion1 cvelist1 checkpoint_advisories1