CVE-2013-0742

Corel PDF Fusion 1.11 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-0742. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in Corel PDF Fusion 1.11 by crafting a malicious XPS file with an overly long entry name, leading to arbitrary code execution when opened by the victim.

Description

Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/26805

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in Corel PDF Fusion 1.11 by crafting a malicious XPS file with an overly long entry name, leading to arbitrary code execution when opened by the victim.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Corel PDF Fusion 1.11

No auth needed

Prerequisites: Victim must open the malicious XPS file with Corel PDF Fusion 1.11

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/show/osvdb/94933

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/26805

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/52707

Scores

EPSS 0.3471

EPSS Percentile 98.2%

Details

CWE

CWE-119

Status published

Products (1)

corel/pdf_fusion 1.11

Published Oct 03, 2013

Tracked Since Feb 18, 2026