Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8394

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2014-8394
Last Modified 15 Jan 2015 07:37:50
Published 15 Jan 2015 10:59:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-8394

Summary

Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory.

Vulnerable Systems

Application

  • Corelcad 2014


References

BID - 72004

BUGTRAQ - 20150112 Corel Software DLL Hijacking

MISC - http://www.coresecurity.com/advisories/corel-software-dll-hijacking


Last Updated: 27 May 2016 11:07:33