CVE-2019-6114

HIGH

Corel PaintShop Pro 2019 21.0.0.119 - Remote Code Execution via JP2 Parser Integer Overflow

Title source: llm

Description

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code.

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/ereisr00/bagofbugz/tree/master/CorelPaintShop2019

View Exploit ZIP pw:eip

Scores

CVSS v3 8.8

EPSS 0.0264

EPSS Percentile 83.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-190

Status published

Products (1)

corel/paintshop_pro_2019 21.0.0.119

Published Jun 19, 2019

Tracked Since Feb 18, 2026