NVD

Id
35464  
Name
CVE-2014-8398  
Description
Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7) uvipl.dll, (8) VC1DecDll.dll, or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-01-15  
Modified Date
2015-01-16  
Seq
2014-8398  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
181748 35464 CVE-2014-8398 20150112 Corel Software DLL Hijacking  View
181749 35464 CVE-2014-8398 http://www.coresecurity.com/advisories/corel-software-dll-hijacking  View
181750 35464 CVE-2014-8398 20150112 Corel Software DLL Hijacking  View
181751 35464 CVE-2014-8398 72010  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18815 JVNDB-2014-007690 Corel FastFlick における任意のコードを実行される脆弱性 Corel FastFlick には、検索パスに関する処理に不備があるため、DLL ハイジャック攻撃を実行され、任意のコードを実行される脆弱性が存在します。 CVE-2014-8398 75691 CVE-2014-8398 35464 4.6 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007690.html 2014-10-22 2015-01-19 View