CVE-2014-8393

HIGH

CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion - DLL Hijacking

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-8393. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in CorelDRAW X3 v13.0.0.576 by replacing the legitimate crlrib.dll with a malicious one. When a .cmx or .csl file is opened, the malicious DLL is loaded, executing arbitrary code.

Description

DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

Exploits (2)

exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14786

This exploit demonstrates a DLL hijacking vulnerability in CorelDRAW X3 v13.0.0.576 by replacing the legitimate crlrib.dll with a malicious one. When a .cmx or .csl file is opened, the malicious DLL is loaded, executing arbitrary code.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: CorelDRAW X3 v13.0.0.576
No auth needed
Prerequisites: Access to the target system to place the malicious DLL and a .cmx or .csl file in the same directory
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14787

This exploit demonstrates a DLL hijacking vulnerability in Corel PHOTO-PAINT X3 v13.0.0.576. The code compiles into a malicious 'crlrib.dll' that executes arbitrary code when a .cpt file is opened, leveraging the application's insecure DLL loading behavior.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Corel PHOTO-PAINT X3 v13.0.0.576
No auth needed
Prerequisites: Access to the target system to place the malicious DLL and a .cpt file in the same directory
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534452/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/72005
Permissions Required third-party-advisory x_refsource_secunia
http://secunia.com/advisories/62210
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031522
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jan/33

Scores

CVSS v3 7.8
EPSS 0.0834
EPSS Percentile 94.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-427
Status published
Products (5)
corel/coreldraw x7
corel/coreldraw_photo_paint x7
corel/paint_shop_pro x7
corel/painter 2015
corel/pdf_fusion
Published Aug 29, 2017
Tracked Since Feb 18, 2026