CVE-2014-8393

HIGH

Coreldraw - Uncontrolled Search Path

Title source: rule

Description

DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

Exploits (2)

exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14786
exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14787

References (7)

Scores

CVSS v3 7.8
EPSS 0.0484
EPSS Percentile 89.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status draft

Affected Products (5)

corel/coreldraw
corel/coreldraw_photo_paint
corel/paint_shop_pro
corel/painter
corel/pdf_fusion

Timeline

Published Aug 29, 2017
Tracked Since Feb 18, 2026