Vulnerability Details : CVE-2013-0733
Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.
Vulnerability category: Execute code
Products affected by CVE-2013-0733
- cpe:2.3:a:corel:paintshop_pro_x5:*:*:*:*:*:*:*:*
- cpe:2.3:a:corel:paintshop_pro_x6:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-0733
97.32%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-0733
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2013-0733
-
http://www.securityfocus.com/bid/62836
Corel PaintShop Pro X5 and X6 'dwmapi.dll' DLL Loading Arbitrary Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/87763
Corel PaintShop dwmapi.dll code execution CVE-2013-0733 Vulnerability ReportVDB Entry
Jump to