SMTP: Corel PDF Fusion XPS Stack Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Corel PDF Fusion. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.

Affected Products

Corel pdf_fusion

References

CVE: CVE-2013-3248

Short Name
SMTP:OVERFLOW:CORELFUSION-XPS
Severity
Major
Recommended
True
Recommended Action
None
Category
SMTP
Keywords
Buffer CVE-2013-3248 Corel Fusion Overflow PDF Stack XPS
Release Date
02/02/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Corel

CVSS Score

9.3

Found a potential security threat?