CVE-2008-6061

Published: Feb 5, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) controller files created by Techsmith Camtasia Studio before 5 allows remote attackers to inject arbitrary additional SWF content via a URL in the csPreloader parameter.

Affected (22)

Products: Techsmith: Camtasia Studio

Techsmith

1 product

Camtasia Studio

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Techsmith Camtasia Studio	Up to 4.0.2
Techsmith Camtasia Studio	Version 1.0.1
Techsmith Camtasia Studio	Version 1.0
Techsmith Camtasia Studio	Version 1.1.1
Techsmith Camtasia Studio	Version 1.1
Techsmith Camtasia Studio	Version 2.0.1
Techsmith Camtasia Studio	Version 2.0.2
Techsmith Camtasia Studio	Version 2.0.3
Techsmith Camtasia Studio	Version 2.0.4
Techsmith Camtasia Studio	Version 2.0.5
Techsmith Camtasia Studio	Version 2.0
Techsmith Camtasia Studio	Version 2.1.0
Techsmith Camtasia Studio	Version 2.1.1
Techsmith Camtasia Studio	Version 2.1.2
Techsmith Camtasia Studio	Version 3.0.0
Techsmith Camtasia Studio	Version 3.0.1
Techsmith Camtasia Studio	Version 3.0.2
Techsmith Camtasia Studio	Version 3.1.0
Techsmith Camtasia Studio	Version 3.1.1
Techsmith Camtasia Studio	Version 3.1.2
Techsmith Camtasia Studio	Version 4.0.0
Techsmith Camtasia Studio	Version 4.0.1