CVE-2014-8398 Information

Description

Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll (2) ipl.dll (3) MSPStyleLib.dll (4) uFioUtil.dll (5) uhDSPlay.dll (6) uipl.dll (7) uvipl.dll (8) VC1DecDll.dll or (9) VC1DecDll_SSE3.dll file that is located in the same folder as the file being processed.

Reference

http://seclists.org/fulldisclosure/2015/Jan/33 http://www.coresecurity.com/advisories/corel-software-dll-hijacking http://www.securityfocus.com/archive/1/534452/100/0/threaded http://www.securityfocus.com/bid/72010