0-Day vulnerabilities in all Corel products

Researchers from Core Security have disclosed a vulnerability in a DLL used by various Corel applications. The researchers went public after repeated attempts to contact Corel, which did not respond. As a result, no updates are available for the vulnerabilities, which can allow remote code execution.

Corel is a well-known software company for graphics, design and video applications. Its well-known applications include CorelDRAW and Photo-Paint, and Core's security researchers discovered that many of them contain a DLL that contains the vulnerability.

"When a Corel file is opened, the directory of that file is used to locate the DLL files, which could allow an attacker to execute arbitrary commands by inserting a malicious DLL into the same directory as the file," the researchers said.

The affected Corel applications are: CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, Corel CAD 2014, Corel VideoStudio PRO X7, Corel PDF Fusion, and Corel FastFlick. The DLL that the applications look for is called “wintab32.dll”, and they do not check the path it is loaded from. This allows a malicious DLL with the same name to be copied to the relevant folder and run within the application's context.
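A defender-side check for the condition described above, as an added example that is not from Core Security or Corel: it walks a folder tree and reports any `wintab32.dll` found outside the system directories, together with the Corel documents sitting beside it. The file extensions and trusted directories are assumptions, and the sample tree is constructed.

```python
import os
from pathlib import Path

DLL_NAME = "wintab32.dll"  # DLL name given in the article
# Assumption: extensions associated with the affected Corel applications.
DOC_EXTS = {".cdr", ".cpt", ".pspimage", ".rif", ".vsp"}
# Assumption: the only directories where a legitimate copy is expected.
TRUSTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

def find_planted_dlls(root, trusted=TRUSTED_DIRS):
    """Return (dll_path, documents_in_same_dir) for each wintab32.dll found
    outside the trusted directories. Name matching is case-insensitive,
    as on Windows. Folders that also hold documents are listed first."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        by_lower = {name.lower(): name for name in files}
        if DLL_NAME not in by_lower:
            continue
        if os.path.abspath(dirpath).lower() in trusted:
            continue
        docs = sorted(n for n in files if Path(n).suffix.lower() in DOC_EXTS)
        findings.append((os.path.join(dirpath, by_lower[DLL_NAME]), docs))
    findings.sort(key=lambda item: not item[1])
    return findings

def make_sample_tree(root):
    """Build a constructed folder tree for the demo (empty placeholder files)."""
    layout = {
        "share/project": ["logo.cdr", "WinTab32.DLL"],  # document beside the DLL
        "share/clean": ["brochure.cdr"],                # document only
        "share/tools": ["wintab32.dll"],                # DLL only
    }
    for folder, names in layout.items():
        path = Path(root, folder)
        path.mkdir(parents=True)
        for name in names:
            (path / name).touch()

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_tree(tmp)
        for dll, docs in find_planted_dlls(tmp):
            print(dll, "next to", docs or "no Corel documents")
```

A hit in a folder that also holds documents is the case the researchers describe; a hit with no documents beside it is still worth checking against the installed tablet driver.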

Core Security researchers contacted Corel about the vulnerabilities on December 9 and received no response. They tried again on December 17 and still did not get an answer. They made a third attempt to reach Corel via Twitter, without success, so they disclosed the vulnerability today.


Written by giorgos
