CVE-2014-8397

Name of the Vulnerable Software and Affected Versions Corel VideoStudio PRO X7

Description The issue allows local users to execute arbitrary code and conduct DLL hijacking attacks by placing a Trojan horse u32ZLib.dll file in the same folder as the file being processed. This is due to an untrusted search path vulnerability.

Recommendations For Corel VideoStudio PRO X7, as a temporary workaround, consider restricting access to the u32ZLib.dll file to minimize the risk of exploitation. Avoid using the software with untrusted files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.