Lucene search
K
CorelPdf Fusion

7 matches found

CVE
CVE
added 2013/10/03 11:0 p.m.127 views

CVE-2013-3248

CVE-2013-3248 summary (confirmed by connected sources): Corel PDF Fusion 1.11 contains an untrusted search path vulnerability that allows local users to gain privileges via a Trojan horse wintab32.dll in the current working directory, demonstrated with a directory containing a .pdf or .xps file. ...

9.3CVSS6.4AI score0.18563EPSS
CVE
CVE
added 2013/10/03 11:0 p.m.82 views

CVE-2013-0742

Corel PDF Fusion 1.11 is affected by a stack-based buffer overflow via a long ZIP directory entry name in an XPS file, allowing remote code execution or a denial-of-service (application crash). This vulnerability is identified as CVE-2013-0742 and has multiple connected advisories (e.g., Red Hat,...

9.3CVSS8.4AI score0.34707EPSS
CVE
CVE
added 2021/10/01 10:53 p.m.67 views

CVE-2021-38098

CVE-2021-38098 affects Corel PDF Fusion 2.6.2.0. A heap corruption vulnerability occurs while parsing a crafted PDF file, allowing an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious P...

7.8CVSS7.7AI score0.02326EPSS
CVE
CVE
added 2021/10/01 6:2 p.m.59 views

CVE-2021-38096

CVE-2021-38096 affects Corel PDF Fusion 2.6.2.0 (Coreip.dll) and involves an Out-of-bounds Write when parsing a crafted file. An unauthenticated attacker could achieve arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim must open a mal...

9.3CVSS7.7AI score0.03024EPSS
CVE
CVE
added 2017/08/28 8:0 p.m.56 views

CVE-2014-8393

CVE-2014-8393 corresponds to a DLL hijacking vulnerability in Corel products (CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 and Corel PDF Fusion, plus related apps). The flaw arises when a file is opened and the application searches the document’s directory for DL...

7.8CVSS7.5AI score0.08342EPSS
CVE
CVE
added 2015/01/15 3:0 p.m.45 views

CVE-2014-8396

Corel PDF Fusion is affected by a DLL hijacking vulnerability (untrusted search path) where the attacker can place a malicious quserex.dll in the same folder as the processed file, enabling local code execution. The CVE is CVE-2014-8396. The connected sources confirm the vulnerability scope and D...

4.6CVSS7.6AI score0.0707EPSS
CVE
CVE
added 2021/10/01 5:50 p.m.45 views

CVE-2021-38097

CVE-2021-38097 affects Corel PDF Fusion 2.6.2.0 with an Out-of-bounds Write while parsing a crafted file. An unauthenticated attacker could achieve arbitrary code execution in the context of the current user, and exploitation requires the user to open a malicious PDF file. No remediation details ...

9.3CVSS7.7AI score0.02724EPSS