CVE-2010-3130

TechSmith Snagit <11 - RCE

Title source: llm

Description

Untrusted search path vulnerability in TechSmith Snagit all versions 10.x and 11.x allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a snag, snagcc, or snagprof file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Encrypt3d.M!nd · clocalwindows

https://www.exploit-db.com/exploits/14764

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://secunia.com/advisories/41124

[Exploit] http://www.exploit-db.com/exploits/14764

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6668

Scores

EPSS 0.0571

EPSS Percentile 90.5%

Details

Status published

Products (1)

techsmith/snagit 10.0.0

Published Aug 26, 2010

Tracked Since Feb 18, 2026