mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
932 B
932 B
CVE-2014-8398
Description
Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed.
POC
Reference
- http://seclists.org/fulldisclosure/2015/Jan/33
- http://www.coresecurity.com/advisories/corel-software-dll-hijacking
Github
No PoCs found on GitHub currently.