11 matches found
CVE-2016-9043
CorelDRAW X8 EMF parsing (CdrGfx.dll) contains an out-of-bounds write in EMF handling (EMR_CREATEBRUSHINDIRECT and related records), enabling potential memory corruption and code execution. Affected version: CorelDRAW X8 18.1.0.661. Exploitation involves sending a crafted EMF file; remote attacke...
CVE-2022-43615
CorelDRAW Graphics Suite 23.5.0.506 is affected by a PDF file parsing vulnerability that can disclose sensitive information via a read past the end of an allocated object. The flaw arises from insufficient validation of user-supplied data during PDF parsing, and exploitation requires user interac...
CVE-2022-43611
CVE-2022-43611 affects CorelDRAW Graphics Suite 23.5.0.506. The root cause is a BMP image parsing flaw that fails to validate user-supplied data, causing a read past the end of an allocated object. This results in information disclosure and, per the initial description, can be leveraged with othe...
CVE-2022-43612
CorelDRAW Graphics Suite 23.5.0.506 is affected. The vulnerability resides in JP2 image parsing, caused by insufficient validation that can read past the end of an allocated object, enabling information disclosure. Exploitation is user-initiated (visiting a malicious page or opening a malicious f...
CVE-2022-43610
CVE-2022-43610 affects CorelDRAW Graphics Suite 23.5.0.506. The vulnerability is a read-past-end-of-allocated-object due to improper validation while parsing GIF images, leading to potential information disclosure. Exploitation requires user interaction (target visits a malicious page or opens a ...
CVE-2022-43616
CVE-2022-43616 affects CorelDRAW Graphics Suite 23.5.0.506, due to an error in EMF image parsing that allows a read past the end of an allocated object. This can enable remote code execution with current process privileges and requires user interaction (visiting a malicious page or opening a mali...
CVE-2022-43613
CorelDRAW Graphics Suite 23.5.0.506 is affected by a stack-based buffer overflow in CGM file parsing, due to improper validation of the length of user-supplied data. The vulnerability allows remote code execution with the attacker gaining code execution in the context of the affected process, req...
CVE-2014-8393
CVE-2014-8393 corresponds to a DLL hijacking vulnerability in Corel products (CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 and Corel PDF Fusion, plus related apps). The flaw arises when a file is opened and the application searches the document’s directory for DL...
CVE-2022-43617
CVE-2022-43617 affects Corel CorelDRAW Graphics Suite 23.5.0.506. It is a PCX file parsing out-of-bounds write vulnerability in CorelDRAW that allows code execution in the current process and requires user interaction (visiting a malicious page or opening a malicious file). Root cause: insufficie...
CVE-2022-43614
CorelDRAW Graphics Suite 23.5.0.506 is affected by a GIF file parsing vulnerability that can cause a write past the end of an allocated object, enabling arbitrary code execution in the current process. Exploitation requires user interaction (visiting a malicious page or opening a malicious file)....
CVE-2022-43618
CorelDRAW Graphics Suite 23.5.0.506 is affected by a buffer/write past end vulnerability in the PCX file parsing code. The flaw arises from insufficient validation of user-supplied data, enabling an out-of-bounds write that can allow remote code execution in the context of the current process. Ex...