Published: 07/09/2012 Updated: 07/09/2012

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 700

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
corel coreldraw x5 15.1.0.588
corel photo-paint x3 13.0.0.576

/* CorelDRAW X3 v1300576 (crlribdll) DLL Hijacking Exploit Vendor: Corel Corporation Product Web Page: wwwcorelcom Affected Version: X3 v1300576 Summary: Graphic design software for striking visual communication Desc: CorelDRAW X3 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary c ...

/* Corel PHOTO-PAINT X3 v1300576 (crlribdll) DLL Hijacking Exploit Vendor: Corel Corporation Product Web Page: wwwcorelcom Affected Version: X3 v1300576 Summary: Graphic design software for striking visual communication Desc: Corel PHOTO-PAINT X3 suffers from a dll hijacking vulnerability that enables the attacker to exe ...

NVD-CWE-Other http://secunia.com/advisories/41148 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php https://nvd.nist.gov https://www.exploit-db.com/exploits/14786/

CVE-2010-5240

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect