CVE-2022-43615

Name of the Vulnerable Software and Affected Versions CorelDRAW Graphics Suite version 23.5.0.506

Description The issue is related to a read past the end of an allocated object when parsing PDF files, due to the lack of proper validation of user-supplied data. This can allow an attacker to disclose sensitive information by opening a specially crafted malicious file or visiting a malicious webpage. The vulnerability requires user interaction to be exploited. An attacker can potentially leverage this vulnerability in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

Recommendations For CorelDRAW Graphics Suite version 23.5.0.506, consider disabling the PDF parsing functionality until a patch is available to prevent potential exploitation. Restrict access to malicious files and web pages to minimize the risk of sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.