Published: 26/08/2010 Updated: 13/05/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path vulnerability in TechSmith Snagit all versions 10.x and 11.x allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a snag, snagcc, or snagprof file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
techsmith snagit 10.0.0

/* TechSmith Snagit 10 (Build 788) Dll Hijacking Exploit By: Encrypt3dM!nd Date: 25\8\2010 Download: wwwtechsmithcom/download/snagittrialasp Details: Compile the following code and rename it to dwmapidl and place file with one of the affected types in the same directory of the dll Affected types: snag , snagcc , snagprof Code :(used ...

CVE_Assessment_04_2019 This is a review of Snagit version 19112860 The software relies in the use of the Windows installer XML (WiX) toolset which is vulnerable to elevation of privilege by loading dynamic link libraries (CVE-2016-0014) The same file structure from this known vulnerability was found in the software In addition, it was identified security risks due to comp

NVD-CWE-Other http://secunia.com/advisories/41124 http://www.exploit-db.com/exploits/14764 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6668 https://nvd.nist.gov https://github.com/GitHubAssessments/CVE_Assessment_04_2019 https://www.exploit-db.com/exploits/14764/

CVE-2010-3130

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect