mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-30 00:40:29 +02:00
943 B
943 B
CVE-2014-8398
Description
Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed.
POC
Reference
- http://seclists.org/fulldisclosure/2015/Jan/33
- http://www.coresecurity.com/advisories/corel-software-dll-hijacking
Github
No PoCs found on GitHub currently.