Bugtraq id 42754 and 42788 both cover the DLL hijacking vulnerability as it involves 'mfc90enu.dll' and 'mfc90loc.dll' in Camtasia Studio. Is the second BID an oversight? If not, what's the difference between them? George -- theall at tenablesecurity.com