Corel PDF Fusion XPS File ZIP Directory Vulnerability

2013-08-08T00:00:00
ID SAINT:A2614303F5DDCB23F02AF2FE25A5E81B
Type saint
Reporter SAINT Corporation
Modified 2013-08-08T00:00:00

Description

Added: 08/08/2013
CVE: CVE-2013-3248
BID: 61010
OSVDB: 94933

Background

Corel PDF Fusion is a software application used to assemble, edit and create PDFs from more than 100 different file types by dragging and dropping them onto the Welcome Screen. It allows adding new text, bookmarks and comments, and also supports multiple file output formats.

Problem

Corel PDF Fusion version 1.11 and earlier is vulnerable to a buffer overflow condition as a result of not properly validating user-supplied input when parsing names in ZIP directory entries of an XPS file. An attacker who persuades a user to open a specially crafted XPS file in a vulnerable version of Corel PDF Fusion could execute arbitrary code in the context of the affected user.

Resolution

Contact the vendor for an update when it becomes available.

References

<http://secunia.com/advisories/52707/>

Limitations

This exploit has been tested against Corel PDF Fusion 1.11 on Windows XP SP3 English (DEP OptIn).

Platforms

Windows