10/12/2023 0 Comments Word perfect office x6![]() ![]() Due to the abnormal QPW file the EDI register is not properly initialized, which causes the dereference of the EDI pointer to a null value. ![]() QPW160!QProGetNotebookWindowHandle+0x23cb85:Ģ02e5925 6689048a mov word ptr ,ax ds:0023:000003d4=?ġ.2 The second crash occurs in the QPW160.dll module at the Ordinal132 function when the application tries to copy a buffer from ESI to EDI. Due to the malformed QPW file the EDX register will contain a null value. Opening of a malicious QPW (Quattro Pro Spreadsheet) document causes immediate application crash, resulting in a loss of all unsaved current application data of the user.ġ) Multiple Null Pointer Dereference vulnerabilities in Corel Quattro Pro X6: CVE-2012-4728ġ.1 The first crash occurs in the QPW160.dll module at the QProGetNotebookWindowHandle function when the application tries to move a value to a corrupted pointer. High-Tech Bridge Security Research Lab discovered two null pointer dereference vulnerabilities in Corel Quattro Pro. Vulnerability Type: NULL Pointer Dereference ĬVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)ĭiscovered and Provided: High-Tech Bridge Security Research Lab ( ) Tested Version: 16.0.0.388 on Windows 7 SP1 32 bits Vulnerable Version(s): 16.0.0.388, other versions may be also affected Product: Corel Quattro Pro X6 Standard Edition Change Mirror Download Advisory ID: HTB23112 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |