Researchers from Core Security discovered a vulnerability in a DLL used by various Corel applications. The researchers αποκάλυψαν την ευπάθεια αφού προσπάθησαν επανειλημμένως να επικοινωνήσουν με την Cοrel η οποία δεν ανταποκρίθηκε. Έτσι δεν υπάρχουν διαθέσιμες updates for vulnerabilities, which can allow remote code execution.
Η Corel is a well-known software company for graphics, design and video applications. Its applications are the well-known ones: CorelDRAW, Photo-Paint, and Core's security researchers discovered that many of them contain a archive DLL that contains the vulnerability.
"When a Corel file is opened, the directory in that file is used to locate them archives DLL, κάτι το οποίο θα μπορούσε να επιτρέψει σε έναν εισβολέα να εκτελέσει αυθαίρετες εντολές εισάγοντας ένα κακόβουλο DLL, στον ίδιο κατάλογο με το αρχείο,” αναφέρουν οι ερευνητές.
Corel applications that can be affected are: CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, Corel CAD 2014, Corel VideoStudio PRO X7, Corel PDF Fusion and Corel FastFlick. The DLL that the applications look for is called "wintab32.dll" and does not control the storage path. This allows a malicious DLL with the same name to be copied to the relevant folder and executed within the application.
Core Security researchers contacted Corel for vulnerabilities in December 9 and received no response. They tried again, on December 17, and they still did not get an answer. They made a third attempt to communicate with Corel via Twitter without success, so they released vulnerability today.