CVE-2014-8397CVE-2014-8397

Affected configuration(s):

cpe:/a:corel:fastflick
cpe:/a:corel:videostudio_pro:x7

Date published: 2015-01-15T10:59:12.593-05:00

Date last modified: 2015-02-17T10:43:38.317-05:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://seclists.org/fulldisclosure/2015/Jan/33

Summary: Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.