Snagit DLL Preloading Arbitrary Code Execution
High Nessus Plugin ID 72604
SynopsisA screen capture and sharing tool installed on the remote host is affected by a DLL preloading vulnerability.
DescriptionThe version of Snagit installed on the remote Windows host has a DLL preloading vulnerability. An attacker can execute arbitrary code by tricking a user into opening a Snagit file (.snag, .snagprof, or .snagcc) from an attacker-controlled location such as a network share.
SolutionUpgrade to Snagit 11.1.0 or higher.