CVEブラウザに戻る

CVE-2010-5240

MEDIUM

6.9

CVSS Severity Score

EPSS Score0.0300%

EPSS Percentile23.14th

Published2012年9月7日

Last Modified2026年4月29日

Vulnerability Description

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦

Corel

Coreldraw X5

= 15.1.0.588

📦

Corel

Photo Paint X3

= 13.0.0.576

References & Advisories

🔗 http://secunia.com/advisories/41148

🔗 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php

🔗 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php

🔗 http://secunia.com/advisories/41148

🔗 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php

🔗 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php

関連する脆弱性情報

CVE-2014-83937.8

DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusio...

CVE-2016-90437.8

An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bi...

CVE-2011-22644.4

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows con...

CVE-2010-044410.0

HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote att...