4 matches found
StoneTrip Ston3D Standalone Player Code Execution Vulnerability - Linux
StoneTrip Ston3D Standalone Player is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-1792
StoneTrip Ston3D products and players are vulnerable to a remote code/injection flaw in system.openURL, allowing arbitrary command execution via crafted sURL. Affected: S3DPlayer StandAlone v1.6.2.4, v1.7.0.1 and S3DPlayer Web v1.6.0.0. Root cause: the scripting function system.openURL does not p...
CVE-2009-1792
The system.openURL function in StoneTrip Ston3D StandalonePlayer aka S3DPlayer StandAlone 1.6.2.4 and 1.7.0.1 and WebPlayer aka S3DPlayer Web 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument the sURL argument...
StoneTrip S3DPlayers remote command injection
StoneTrip S3DPlayers remote command injection 1. Advisory Information Title: StoneTrip S3DPlayers remote command injection Advisory Id: CORE-2009-0401 Advisory URL: Date published: 2009-05-28 Date of last update: 2010-05-18 Vendors contacted: StoneTrip Release mode: User release 2. Vulnerability...