Описание
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-4850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58573
- http://osvdb.org/60049
- http://secunia.com/advisories/35764
- http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb
Связанные уязвимости
nvd
больше 15 лет назад
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.