← Advisories

CorelDRAW X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit

High

Advisory ID

ZSL-2010-4953

Release Date

26 August 2010

Vendor

Corel Corporation - http://www.corel.com

Affected Version

X3 v13.0.0.576

CVE

N/A

Tested On

Microsoft Windows XP Professional SP3 (English)

Summary

Graphic design software for striking visual communication.

Description

CorelDRAW X3 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .cmx and .csl thru crlrib.dll library.

Proof of Concept

coreldrw_dll.cTXT

Disclosure Timeline

N/A

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://www.exploit-db.com/exploits/14786

[2]http://www.packetstormsecurity.org/filedesc/coreldrw_dll.txt.html

[3]http://securityreason.com/exploitalert/8769

[4]http://secunia.com/advisories/41148/

[5]http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

[6]http://www.exploit-db.com/dll-hijacking-vulnerable-applications/

[7]http://osvdb.org/show/osvdb/67538

Changelog

26.08.2010Initial release

27.08.2010Added reference [1], [2], [3], [4], [5] and [6]

28.08.2010Added reference [7]