← Advisories

Corel PHOTO-PAINT X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit

High

Advisory ID

ZSL-2010-4954

Release Date

26 August 2010

Vendor

Corel Corporation - http://www.corel.com

Affected Version

X3 v13.0.0.576

CVE

N/A

Tested On

Microsoft Windows XP Professional SP3 (English)

Summary

Graphic design software for striking visual communication.

Description

Corel PHOTO-PAINT X3 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .cpt thru crlrib.dll library.

Proof of Concept

corelpp_dll.cTXT

Disclosure Timeline

N/A

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://www.exploit-db.com/exploits/14787

[2]http://www.packetstormsecurity.org/filedesc/corelpp_dll.txt.html

[3]http://securityreason.com/exploitalert/8770

[4]http://secunia.com/advisories/41148/

[5]http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

[6]http://www.exploit-db.com/dll-hijacking-vulnerable-applications/

[7]http://www.securityfocus.com/bid/42753

[8]http://osvdb.org/show/osvdb/67582

Changelog

26.08.2010Initial release

27.08.2010Added reference [1], [2], [3], [4], [5] and [6]

13.11.2010Added reference [7] and [8]