Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.
References
Link | Resource |
---|---|
http://secunia.com/advisories/35764 | Vendor Advisory |
http://www.coresecurity.com/content/winds3d-viewer-advisory | Exploit |
http://www.securityfocus.com/bid/35595 | Exploit |
http://www.vupen.com/english/advisories/2009/1834 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:24:08
Updated: 2022-10-03T16:24:08
Reserved: 2022-10-03T00:00:00
Link: CVE-2009-2386
JSON object: View
NVD Information
Status : Analyzed
Published: 2009-07-10T15:30:00.217
Modified: 2009-07-13T04:00:00.000
Link: CVE-2009-2386
JSON object: View
Redhat Information
No data.
CWE