CVE-2010-3130

Name of the Vulnerable Software and Affected Versions TechSmith Snagit versions 10.x through 11.x

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse dwmapi.dll located in the same folder as a snag, snagcc, or snagprof file.

Recommendations For versions 10.x through 11.x, update to a version that is not affected by this issue, as no specific fix is provided for these versions. As a temporary workaround, consider restricting access to the dwmapi.dll file to minimize the risk of exploitation. Avoid executing files from untrusted sources, and ensure that all files are scanned for malware before execution.