EUVD-2014-8230

Malware in sbrugna...

EUVD-2014-8232

Malware in sbrugna...

CVE-2014-8393

CVE-2014-8393 corresponds to a DLL hijacking vulnerability in Corel products (CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 and Corel PDF Fusion, plus related apps). The flaw arises when a file is opened and the application searches the document’s directory for DL...

CVE-2014-8395

Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed...

Design/Logic Flaw

Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed...

CVE-2014-8395

Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed...

CVE-2014-8395

CVE-2014-8395 is a Corel DLL Hijacking vulnerability affecting Corel Painter 2015 (and related Corel products listed in the CORE-2015-0001 advisory). The issue arises from untrusted search path handling: when a user opens a file associated with Corel apps, the application searches the document’s ...

CVE-2014-8395

Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed...

Corel Painter 'wacommt.dll' DLL Loading Arbitrary Code Execution Vulnerability

Corel Painter is a computerized art drawing software. An arbitrary code execution vulnerability exists in Corel Painter 'wacommt.dll' DLL loading due to the program failing to properly load the 'wacommt.dll' file. This allows an attacker to build a malicious DLL file to execute arbitrary code in...

Corel Software DLL Hijacking Vulnerability Allows Hackers to Execute Malicious Code

Security researchers have disclosed local zero day DLL hijacking vulnerabilities in several applications developed by Corel Software that could allow an attacker to execute arbitrary commands on victims' computer, potentially affecting more than 100 million users. The security holes were publicly...

Corel Software DLL Hijacking

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Corel Software DLL Hijacking 1. Advisory Information Title: Corel Software DLL Hijacking Advisory ID: CORE-2015-0001 Advisory URL: http://www.coresecurity.com/advisories/corel-software-dll-hijacking Date published: 2015-01-12 Dat...

Corel Software DLL Hijacking

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Corel Software DLL Hijacking 1. Advisory Information Title: Corel Software DLL Hijacking Advisory ID: CORE-2015-0001 Advisory URL: http://www.coresecurity.com/advisories/corel-software-dll-hijacking Date published: 2015-01-12 Dat...

0-Days Exposed in Several Corel Applications

UPDATE–Researchers from Core Security have disclosed DLL hijacking vulnerabilities in several applications made by Corel Software after the vendor didn’t respond to Core’s notifications about the flaws. There are no patches available for the bugs, which can allow remote code execution. Corel sell...