Design/Logic Flaw

The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file...

PT-2010-1407 · Awingsoft · Awingsoft Awakening Web3D Player +3

Name of the Vulnerable Software and Affected Versions: AwingSoft Awakening Web3D Player and Winds3D Viewer versions 3.5.0.0 Beta, 3.0.0.5, and earlier Description: The issue is related to a heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx. This can be trigger...