CVE-2013-0733
critical
CVSS v3
—
CVSS v2
9.3
VIR risk
9.3
Description
Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| corel | paintshop_pro_x5 | {"endIncluding":"15.2.0.2"} | |
| corel | paintshop_pro_x6 | {"endIncluding":"16.0.0.113"} | |
References
- http://osvdb.org/98163
- http://secunia.com/advisories/53618
- http://www.securityfocus.com/bid/62836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87763
- http://osvdb.org/98163
- http://secunia.com/advisories/53618
- http://www.securityfocus.com/bid/62836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87763
Verify integrity in audit chain (admin only). AS-IS.