Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11786
HistoryJul 10, 2009 - 12:00 a.m.

Winds3D Viewer GetURL()函数远程代码执行漏洞

2009-07-1000:00:00
Root
www.seebug.org
10

0.055 Low

EPSS

Percentile

92.4%

JSON

BUGTRAQ ID: 35595
CVE(CAN) ID: CVE-2009-2386

Awakening是一个功能强大的实时3D解决方案,Winds3D Viewer是Awakening的浏览器插件。

Winds3D Viewer以不安全的方式实现了GetURL函数:

/-----------

GetURL(string URL)
Description: Open browser to visit assigned URL
returns: None

  • -----------/

调用GetURL最终会执行相当于“ShellExecute(NULL, "open", URL, 0, 0, SW_SHOW);”的调用。尽管攻击者仅能控制所要打开的文件,但结合脚本接口能够下载任意文件,就可以导致在用户访问恶意网站时执行任意指令。

Awingsoft Winds3D Viewer v3.5.0.0
Awingsoft Winds3D Viewer v3.0.0.5
临时解决方法:

  • 对CLSID 17A54E7D-A9D4-11D8-9552-00E04CB09903设置kill bit。

厂商补丁:

Awingsoft

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

http://www.awingsoft.com/web3d/web3d.htm

Related

securityvulns 2
prion 2
cve 2
coresecurity 1
packetstorm 1
securityvulns
securityvulns
[Full-disclosure] CORE-2009-0519 - Awingsoft Awakening Winds3D Viewer remote command execution vulnerability
2009-07-09 00:00:00
Awingsoft Awakening Winds3D Viewer unauthorized access
2009-07-09 00:00:00
prion
prion
Security feature bypass
2009-07-10 15:30:00
Heap overflow
2010-01-07 18:30:00
cve
cve
CVE-2009-2386
2009-07-10 15:30:00
CVE-2009-4588
2010-01-07 18:30:00
coresecurity
coresecurity
Awingsoft Awakening Winds3D Viewer remote command execution vulnerability
2009-07-08 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2009.0519
2009-07-08 00:00:00

0.055 Low

EPSS

Percentile

92.4%

JSON
Related for SSV:11786
securityvulns2prion2cve2coresecurity1packetstorm1