Lucene search

Kaspersky LabKLA10099

HistorySep 07, 2012 - 12:00 a.m.

KLA10099 LPE vulnerability in Camtasia Studio

2012-09-0700:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

30.5%

JSON

An untrusted path vulnerability was found in Camtasia Studio. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via DLL hijacking.

Original advisories

Related products

Camtasia-Studio

CVE list

CVE-2010-5234 high

Solution

Update to latest version

Impacts

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

Camtasia Studio version 7.0.1 build 57

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Camtasia-Studio/

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

30.5%

JSON

Related for KLA10099