CVE-2009-4148
CVE-2009-4148 affects DAZ Studio 2.3.3.161, 2.3.3.163 and 3.0.1.135. It enables remote code execution via malicious scripting files with extensions .ds, .dsa, .dse, or .dsb, demonstrated by code that loads the WScript.Shell ActiveX control (script injection vulnerability). Proof of concept and ad...