Corel WordPerfect Office X5 and Corel Presentations X5 File Handling Vulnerabilities

- Corel WordPerfect Office X5 15.0.0.357 (wpd) Remote Buffer Preoccupation PoC

– Corel Presentations X5 15.0.0.357 (shw) Remote Buffer Preoccupation PoC

Corel Corporation

http://www.corel.com

Version: 15.0.0.357 (Standard Edition)

– Summary: Corel® WordPerfect® Office X5 – Standard Edition is the essential
office suite for word processing, spreadsheets, presentations and email.
Chosen over Microsoft® Office by millions of longtime users, it integrates
the latest productivity software with the best of the Web. Work faster and
collaborate more efficiently with all-new Web services, new Microsoft® Office
SharePoint® support, more PDF tools and even better compatibility with Microsoft
Office. It’s everything you expect in an office suite—for less.

– Desc: Corel WordPerfect and Corel Presentations X5 is prone to a remote buffer overflow vulnerability because
the application fails to perform adequate boundary checks on user supplied input with
.WPD (WordPerfect Document) and .SHW (Presentations Slide Show) file. Attackers may exploit this issue to execute arbitrary
code in the context of the application. Failed attacks will cause denial-of-service
conditions.

– Tested On: Microsoft Windows XP Professional SP3 (English)

– Vulnerability Discovered By: Gjoko ‘LiquidWorm’ Krstic

– liquidworm gmail com

– Zero Science Lab – http://www.zeroscience.mk

– 09.07.2010

– Vendor status:

[09.07.2010] Vulnerability discovered.
[09.07.2010] Initial contact with the vendor.
[12.07.2010] No reply from vendor.
[12.07.2010] Public advisory released.

Details:

Corel Presentations X5 15.0.0.357 (shw) Remote Buffer Preoccupation PoC
Corel WordPerfect Office X5 15.0.0.357 (wpd) Remote Buffer Preoccupation PoC

Comment are closed.