CVE-2021-38109

Name of the Vulnerable Software and Affected Versions Corel DrawStandard 2020 version 22.0.0.474

Description The issue is related to an Out-of-bounds Read vulnerability when parsing a crafted file, allowing an unauthenticated attacker to access unauthorized system memory in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious CDR file. This vulnerability is associated with the CrlPlatform.dll library in the CorelDRAW Standard vector graphics editor, which can allow a remote attacker to gain unauthorized access to protected information using a specially formed CDR file.

Recommendations For Corel DrawStandard 2020 version 22.0.0.474, consider avoiding the use of the CrlPlatform.dll library until a patch is available. As a temporary workaround, refrain from opening suspicious or untrusted CDR files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.