exploitDog

CVE-2019-6114

Опубликовано: 19 июн. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code.

Ссылки

https://github.com/ereisr00/bagofbugz/tree/master/CorelPaintShop2019
Exploit
Third Party Advisory
https://github.com/ereisr00/bagofbugz/tree/master/CorelPaintShop2019
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:corel:paintshop_pro_2019:21.0.0.119:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00889

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-xhw8-g8mh-rxvw

github

больше 3 лет назад

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code.

EPSS

Процентиль: 75%

0.00889

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190