Remember Corel? It's just entered .DLL hell Local zero day vulnerabilities have been disclosed in Corel applications, potentially affecting more than 100 million users. The holes were dropped by Marcos Accossatto of Core Security after the doodleware company did not respond to his private disclosure. Corel has been contacted for comment. "Given that this is a client- …
According to that ever reliable source of Wikipedia, Corel Linux was based off of Debian.
Corel Linux may have been an early commercial distro of Linux, but it certainly wasn't one of the firsts. Debian, which Corel was based off, first came out in 1996. (It was announced in 1993) The earliest distributions came out in 1992. (Linus released his first kernel in 1991)
All details sourced from Wikipedia.
I have a Corel Linux CD sitting in a cupboard somewhere which was handed out a Linux users group a long time ago. Must see if I can find it.
Anyway it certainly wasn't the first Linux dist by any stretch but it was perhaps the first dist pitched at consumers. The idea was that they'd slap it on cheap PCs for next to nothing and then make money selling bundled up versions of software (most of which were free to begin with). Xandros and Linspire took the idea over but it didn't catch on.
Oh come on folks, Corel might be a tad behind the times, but the software is good.
Yes, I use their software and have done for years, especially PaintShop Pro which (for the price) can, in the right hands, stand up to the mighty Photoshop (way too expensive).
But nowadays everyone wants one-click and you have a masterpiece, so the right hands are likely few.
Give Corel a break and stop sniping :-(
The best thing about WordPerfect was its Reveal Codes feature. It allowed you to see how all the formatting was structured under the bonnet. This allowed you to troubleshoot formatting problems really easily. You could even move the cursor between the formatting elements to ensure you got what you wanted.
I'm not aware that any word processor supports anything like that any more. And they call it progress....
I'm not aware that any word processor supports anything like that any more.
I can't offhand name a "word processor" that does (though you can of course inspect the contents of files generated the various ones that use XML), but document markup languages give you this ability and a better separation of content, structure, and formatting in the bargain.
Yep, me too. I've been using Paint Shop Pro 7 for years, and there are very few reasons I can find to re-train myself on Photoshop.
If someone could hack in 32bit BMP support I'd be soooo happy.
Hard to tell from the article, but the issue might not affect the really old products like Jasc PSP 7. The X7 version is v17 from what I can gather (the latest version).
Corel Linux was a disaster. Never managed to get it talking to my Adaptec scsi, or Postscript printer; wouldn't run Corel Word Perfect.
Much happier with CoreDRAW! Suite. Been using it since V 2.0 when I was southernmost licence-holder on the planet. Soon learnt not to upgrade on first release of new versions; they were invariably buggy as hell. Even skipped a few. Currently on X5.
...but this isn't a vulnerability found "in" an EXE or a DLL. This is a "search path vulnerability" which is part of a a DOS / Windows 3 design decision, thoughtlessly replicated to this very day, particularly by cross-platform developers: The decision to put the Application (EXE and DLL) in the same folder as the application Data ( BMP/JPG/DOC/DAT )
Originally, because you wanted, if possible, to put everything on the same floppy disk. Still, if thoughtless, because different platforms have different customs/rules for where user data should go, and where applications should go, and there are still people who just dump averything in together.
The vulnerability descibed her is that "the DLL search path includes the current directory". This was the default case on Windows for many years.
Is this just a description of the way old Windows application software works, or a special case of Corel being worse than everyone else when run on a current version of Windows? Dunno without more details.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
