CVE-2018-16518

Name of the Vulnerable Software and Affected Versions Prim'X Zed! FREE versions 1.0 build 186 and earlier Prim'X Zed! Limited Edition versions 6.1 build 2208 and earlier

Description A directory traversal issue allows for remote code execution, enabling the creation of arbitrary files on a user's workstation. This is possible through the use of crafted ZED! containers, which can be used by the watermark loading function to place an executable file into a Startup folder.

Recommendations For Prim'X Zed! FREE version 1.0 build 186 and earlier, consider disabling the watermark loading function until a patch is available. For Prim'X Zed! Limited Edition version 6.1 build 2208 and earlier, restrict access to the Startup folder to minimize the risk of exploitation.