Corel paintshop pro x2
![corel paintshop pro x2 corel paintshop pro x2](https://cdn.mos.cms.futurecdn.net/34f27c269eb0966054441585f2848883.jpg)
When processing certain structures from a FPX file, Corel Paint Shop Pro Photo X2 allocates fixed-size (0xC08 bytes) buffers, and copies data from the FPX file to that buffer.
#Corel paintshop pro x2 code
This vulnerability can be exploited to overwrite adjacent heap chunks metadata, and possibly to gain arbitrary code execution (though it does not seem easy). Technical Description / Proof of Concept CodeĬorel Paint Shop Pro Photo X2 is prone to a heap-based buffer overflow when processing malformed FPX files, because it trusts user-controlled data located inside a FPX file and uses it as a loop counter when copying data from a FPX file into a fixed-size buffer located in the heap. The publication of this advisory was coordinated by Carlos Sarraute from Core Security Advisories team.
![corel paintshop pro x2 corel paintshop pro x2](https://artcdn.artradarjournal.com/does-corel-paint-shop-pro-photo-x2-support-fluorescent-colors-.jpg)
This vulnerability was discovered and researched by Francisco Falcon from Core Security Technologies during Bugweek 2009. Furthermore, avoid opening FPX files coming from untrusted sources. To prevent an accidental trigger of the vulnerability, you can disable the Preview feature that exists in the File/Open dialog. The vendor did not provide fixes or workaround information. Vendor Information, Solutions and Workarounds
#Corel paintshop pro x2 professional
Vulnerability InformationĬlass: Heap-based Buffer Overflow Ĭorel Paint Shop Pro Photo X2 is a professional image editing software, that allows users to edit photos, create graphics, draw and paint. Title: Corel Paint Shop Pro Photo X2 FPX Heap Overflow