exploitDog

CVE-2014-8397

Опубликовано: 15 янв. 2015

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.

Комментарий

CWE-426: Untrusted Search Path

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:corel:fastflick:*:*:*:*:*:*:*:*

cpe:2.3:a:corel:videostudio_pro:x7:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07891

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-98f5-j2qf-rm7w

github

больше 3 лет назад

Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.

EPSS

Процентиль: 92%

0.07891

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other