CVE-2007-1735

Corel WordPerfect Office X3 13.0.0.565 - Stack-based Buffer Overflow via Long PRS Name

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1735. PoCs published by Jonathan So.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in Corel WordPerfect X3 by crafting a malicious .wpd file. It embeds shellcode to execute arbitrary commands (e.g., launching Notepad) via a crafted document header and packet structure.

Description

Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jonathan So · clocalwindows

https://www.exploit-db.com/exploits/3593

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in Corel WordPerfect X3 by crafting a malicious .wpd file. It embeds shellcode to execute arbitrary commands (e.g., launching Notepad) via a crafted document header and packet structure.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Corel WordPerfect X3 (13.0.0.565)

No auth needed

Prerequisites: User interaction to open the malicious .wpd file

MITRE ATT&CK