36 lines
No EOL
1.5 KiB
Text
36 lines
No EOL
1.5 KiB
Text
- Title: Corel Presentations X5 15.0.0.357 (shw) Remote Buffer Preoccupation PoC
|
|
- Vendor: Corel Corporation
|
|
- Product Web Page: http://www.corel.com
|
|
- Version Tested: 15.0.0.357 (Standard Edition)
|
|
|
|
-Summary: Strengthen your visual impact. Create compelling slideshows, proposals,
|
|
demonstrations and interactive reports. Easily edit pictures, create charts and
|
|
diagrams, and share content with others. Open, edit and save MicrosoftŽ PowerPointŽ
|
|
files, including the latest OOXML (.pptx) files.
|
|
|
|
-Desc: Corel WordPerfect is prone to a remote buffer overflow vulnerability because
|
|
the application fails to perform adequate boundary checks on user supplied input with
|
|
.SHW (Presentations Slide Show) file. Attackers may exploit this issue to execute arbitrary
|
|
code in the context of the application. Failed attacks will cause denial-of-service conditions.
|
|
|
|
-Tested On: Microsoft Windows XP Pro SP3 (EN)
|
|
-Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
|
|
-liquidworm gmail com
|
|
-Zero Science Lab - http://www.zeroscience.mk
|
|
-12.07.2010
|
|
|
|
- Vendor status:
|
|
|
|
[12.07.2010] Vulnerability discovered.
|
|
[09.07.2010] Initial contact with the vendor.
|
|
[12.07.2010] No reply from vendor.
|
|
[12.07.2010] Public advisory released.
|
|
|
|
|
|
- Zero Science Lab Advisory ID: ZSL-2010-4946
|
|
- Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4946.php
|
|
|
|
- PoC:
|
|
http://www.zeroscience.mk/codes/zsl_poc17.shw.rar
|
|
or
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14346.rar (zsl_poc17.shw.rar) |