27 matches found
EUVD-2009-2382
Malware in sbrugna...
CVE-2009-2386
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method...
AwingSoft Winds3D Player SceneURL Buffer Overflow
No description provided by source. $Id: awingsoftweb3dbof.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...
AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
No description provided by source. $Id: awingsoftwinds3dsceneurl.rb 10389 2010-09-20 04:38:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
AwingSoft Winds3D Player SceneURL Code Execution (CVE-2009-4850)
A code execution vulnerability has been reported in AwingSoft's Winds3D player, a browser plug-in for IE, Firefox and Opera. The vulnerability is due to an error in the way the application handles files with specially crafted parameters. An attacker could exploit this vulnerability by enticing a...
CVE-2009-4850
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file...
Design/Logic Flaw
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file...
CVE-2009-4850
CVE-2009-4850 affects AwingSoft Winds3D Viewer plugin 3.5.0.9. The vulnerability allows remote code execution by supplying a SceneURL value that points to an executable (.exe). Public references show exploitation tooling in Metasploit (sceneurl module) and historical coverage (Exploit-DB), confir...
CVE-2009-4850
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file...
CVE-2009-4588
Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service application crash or execute arbitrary code via a long SceneUrl...
CVE-2009-4588
CVE-2009-4588 describes a heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control (WindsPly.ocx) used by AwingSoft Awakening Web3D Player and Winds3D Viewer. The vulnerability allows remote attackers to crash the application or execute arbitrary code by supplying a long SceneUrl va...
AwingSoft Winds3D Player SceneURL Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ awingsoftweb3dbof.rb AwingSoft Web3D Player 'SceneURL'...
AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
$Id: awingsoftwinds3dsceneurl.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
AwingSoft Winds3D Player SceneURL Buffer Overflow
This module exploits a data segment buffer overflow within Winds3D Viewer of AwingSoft Awakening 3.x WindsPly.ocx v3.6.0.0. This ActiveX is a plugin of AwingSoft Web3D Player. By setting an overly long value to the 'SceneURL' property, an attacker can overrun a buffer and execute arbitrary code...
AwingSoft Web3D Player Buffer Overflow
----------------------------------------------------------------------------- AwingSoft Web3D Player WindsPly.ocx "SceneURL" Remote Buffer Overflow url: http://www.awingsoft.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://www.shinnai.net/ Dedicated to aaannamariaaa :D This was...
Security feature bypass
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method...
CVE-2009-2386
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method...
CVE-2009-2386
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method...
CVE-2009-2386
The CVE-2009-2386 entry concerns Awingsoft Awakening Winds3D Viewer plugin (Winds3D Viewer) for/versions 3.5.0.0 and 3.0.0.5 (and possibly others). The vulnerability lies in the GetURL method, which insecurely downloads and executes arbitrary files when invoked, allowing remote attackers to trigg...
AwingSoft Web3D Player (WindsPly.ocx) Remote BOF PoC
Exploit for unknown platform in category dos / poc ==================================================== AwingSoft Web3D Player WindsPly.ocx Remote BOF PoC ==================================================== ----------------------------------------------------------------------------- AwingSoft...