CVE-2016-9043
published 2018-04-24CVE-2016-9043: An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially…
PriorityP338high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
2.74%
84.3th percentile
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| corel | coreldraw | — | — |
| corel | coreldraw | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
blogs_talos·2017-07-20·CVSS 7.8
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
Today, Talos is disclosing several vulnerabilities that have been identified in CorelDRAW X8. CorelDRAW X8 is graphics suite used for manipulating raster and vector images and is a common alternative to Adobe Creative Cloud. Several of the vulnerabilities being disclosed today specifically affect PHOTO-PAINT X8, a raster graphics editor. Talos has responsibly disclosed this vulnerability to Corel. Corel has made a software update that addresses this vulnerability available for download.
## Vulnerability Details
### TALOS-2016-0244 (CVE-2016-8730) - Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability This vulnerability was identified by Piotr Bania of Cisco Talos.
TALOS-2016-0244 manifests as a out-of-bounds write memory corruption vulnerability in the GIF parsing functionality
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
blogs_talos·2017-07-20·CVSS 7.8
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
## Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
Today, Talos is disclosing several vulnerabilities that have been identified in CorelDRAW X8. CorelDRAW X8 is graphics suite used for manipulating raster and vector images and is a common alternative to Adobe Creative Cloud. Several of the vulnerabilities being disclosed today specifically affect PHOTO-PAINT X8, a raster graphics editor. Talos has responsibly disclosed this vulnerability to Corel. Corel has made a software update that addresses this vulnerability available for download.
## Vulnerability Details
## TALOS-2016-0244 (CVE-2016-8730) - Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability This vulnerability was identified by Piotr Bania of Cisco Talos.
TALOS-2016-0244 manifests as a out-of-bounds wr
2018-04-24
Published