Описание
Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- VDB Entry
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- VDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 15.2.0.2 (включая)Версия до 16.0.0.113 (включая)
Одно из
cpe:2.3:a:corel:paintshop_pro_x5:*:*:*:*:*:*:*:*
cpe:2.3:a:corel:paintshop_pro_x6:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07444
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.
EPSS
Процентиль: 92%
0.07444
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other