![]() ![]() There is no reason to believe this is remotely exploitable. Exploiting this vulnerability would require write access to the local file system which would allow a bad actor to engage in many other malicious actions on the target computer. This library was a dependency of older Google SDKs for Google Drive and YouTube outputs. This is not related to the Log4j RCE vulnerabilities. TechSmith Snagit for Windows prior to version 2022.0.2 and TechSmith Camtasia for Windows prior to 2021.0.16 were distributed with a version of Log4net vulnerable to CVE-2018-1275. Use of Log4net in TechSmith Snagit and TechSmith Camtasia
0 Comments
Leave a Reply. |