Lucene search
K

4 matches found

Circl
Circl
added 2010/09/20 12:0 a.m.12 views

CVE-2009-4850

creationtimestamp| type| source ---|---|--- 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16570 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/awingsoftwinds3dsceneurl.rb 2025-02-06...

9.3CVSS5.8AI score0.24665EPSS
Exploits3References2
Cvelist
Cvelist
added 2010/05/07 6:23 p.m.23 views

CVE-2009-4850

The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file...

7.4AI score0.24665EPSS
Exploits3References5
CVE
CVE
added 2010/05/07 6:23 p.m.43 views

CVE-2009-4850

CVE-2009-4850 affects AwingSoft Winds3D Viewer plugin 3.5.0.9. The vulnerability allows remote code execution by supplying a SceneURL value that points to an executable (.exe). Public references show exploitation tooling in Metasploit (sceneurl module) and historical coverage (Exploit-DB), confir...

9.3CVSS7.6AI score0.24665EPSS
Exploits3References5Affected Software1
Metasploit
Metasploit
added 2009/11/14 10:26 p.m.18 views

AwingSoft Winds3D Player 3.5 SceneURL Download and Execute

This module exploits an untrusted program execution vulnerability within the Winds3D Player from AwingSoft. The Winds3D Player is a browser plugin for IE ActiveX, Opera DLL and Firefox XPI. By setting the 'SceneURL' parameter to the URL to an executable, an attacker can execute arbitrary code...

9.3CVSS10AI score0.24665EPSS
Exploits3
Rows per page
Query Builder