Corel DLL hijacking vulnerability could allow arbitrary command execution
http://www.net-security.org/secworld.php?id=17811
http://www.pcworld.com/article/2868272/ ... -code.html
Corel DLL Hijacking Vulnerability
Moderator: Kathy_9
-
Kathy_9
- Site Admin
- Posts: 2896
- Joined: Tue Nov 30, 2010 12:44 am
- System_Drive: C
- 32bit or 64bit: 64 Bit
- processor: 8th Generation Intel Core i7 8700 3 20 GHz
- ram: 16GB
- Video Card: NVIDIA GeForce RTX 2060 [6 GB GDDR6 dedicated]
- sound_card: NVIDIA High Definition Audio
- Hard_Drive_Capacity: 2TB
- Monitor/Display Make & Model: HP EliteDisplay E243m 23.8-inch
- Corel programs: PSPX2 ~2023; Painter 2018~23
- Location: USA
- Contact:
Corel DLL Hijacking Vulnerability
PSPX9 | PSP2020 | PSP2021| PSP2022 | PSP2023 & PhotoMirage installed; PSPX | PSPX2 thru PSP2019 owned but not installed
http://www.flickr.com/photos/37153430@N03/
http://www.flickr.com/photos/37153430@N03/
-
Alex Brazeau
- Posts: 79
- Joined: Mon Sep 15, 2014 6:45 pm
- System_Drive: C
- 32bit or 64bit: 64 Bit
Re: Corel DLL Hijacking Vulnerability
Hi Kathy_9:
Corel takes security seriously and we are working quickly to get this corrected. Our team released a statement earlier in the week that you may find helpful, which I've included below.
-Alex
-----------------
Corel is reviewing its products on a case-by-case basis to safeguard dynamic loading of DLL files, which is a common vulnerability in many Windows applications.
Corel makes frequent updates to our applications and these changes have been made a priority for the next update of any affected Corel product. We would like to assure our users that we are not aware of any exploits of this issue with our software.
Corel would like to remind all of its customers to follow safe internet practices and not open attachments, click on external links, download files, or visit an untrusted remote file system from any source they do not know and trust explicitly. Moreover, it is also a best practice to ensure that your system is running up-to-date anti-virus, firewall and malware protection software.
Corel takes our users' security seriously and we are working to identify and correct vulnerabilities in our applications.
Corel takes security seriously and we are working quickly to get this corrected. Our team released a statement earlier in the week that you may find helpful, which I've included below.
-Alex
-----------------
Corel is reviewing its products on a case-by-case basis to safeguard dynamic loading of DLL files, which is a common vulnerability in many Windows applications.
Corel makes frequent updates to our applications and these changes have been made a priority for the next update of any affected Corel product. We would like to assure our users that we are not aware of any exploits of this issue with our software.
Corel would like to remind all of its customers to follow safe internet practices and not open attachments, click on external links, download files, or visit an untrusted remote file system from any source they do not know and trust explicitly. Moreover, it is also a best practice to ensure that your system is running up-to-date anti-virus, firewall and malware protection software.
Corel takes our users' security seriously and we are working to identify and correct vulnerabilities in our applications.