CVE-2022-43610

Name of the Vulnerable Software and Affected Versions CorelDRAW Graphics Suite version 23.5.0.506

Description The issue is related to a read past the end of an allocated object when parsing GIF images, which can allow an attacker to disclose sensitive information. This can be exploited by opening a specially crafted malicious file or visiting a malicious web page, requiring user interaction. The problem stems from the lack of proper validation of user-supplied data. An attacker may leverage this issue, potentially in conjunction with other vulnerabilities, to execute arbitrary code in the context of the current process.

Recommendations For version 23.5.0.506, consider disabling the GIF image parsing functionality until a patch is available to prevent potential exploitation. Restrict access to untrusted files and web pages to minimize the risk of information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.