CVE-2013-0733

Published: Jun 5, 2014Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jpg file.

Affected (2)

Products: Corel: Paintshop Pro X5, Paintshop Pro X6

2 products

Paintshop Pro X5

Paintshop Pro X6

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Corel Paintshop Pro X5	Up to 15.2.0.2
Corel Paintshop Pro X6	Up to 16.0.0.113

References (8)

http://osvdb.org/98163

Source: PSIRT-CNA@flexerasoftware.com

Broken Link

http://secunia.com/advisories/53618

Source: PSIRT-CNA@flexerasoftware.com

Third Party Advisory

http://www.securityfocus.com/bid/62836

Source: PSIRT-CNA@flexerasoftware.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/87763

Source: PSIRT-CNA@flexerasoftware.com

VDB Entry

http://osvdb.org/98163

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://secunia.com/advisories/53618

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/62836

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/87763

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

Timeline

No history available yet.