CVE-2021-38096

Name of the Vulnerable Software and Affected Versions Corel PDF Fusion version 2.6.2.0

Description The issue is related to an Out-of-bounds Write vulnerability in the Coreip.dll file when parsing a crafted file. This could allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious PDF file.

Recommendations For Corel PDF Fusion version 2.6.2.0, consider avoiding the use of the Coreip.dll file until a patch is available. As a temporary workaround, refrain from opening PDF files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.