Computer Security
[EN] securityvulns.ru no-pyccku


Awingsoft Awakening Winds3D Viewer unauthorized access
Published:09.07.2009
Source:
SecurityVulns ID:10057
Type:client
Threat Level:
5/10
Description:Code execution, file system access.
Affected:AWINGSOFT : Winds3D Viewer 3.5
CVE:CVE-2009-2386 (Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [Full-disclosure] CORE-2009-0519 - Awingsoft Awakening Winds3D Viewer remote command execution vulnerability (09.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod