Search
Find a vulnerability
Search criteria
4 vulnerabilities found for awakening_winds3d_viewer_plugin by awingsoft
CVE-2009-4850 (GCVE-0-2009-4850)
Vulnerability from nvd – Published: 2010-05-07 18:23 – Updated: 2024-08-07 07:17
VLAI
Summary
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/60049 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/35764 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.metasploit.com/redmine/projects/framew… | x_refsource_MISC |
| http://www.metasploit.com/modules/exploit/windows… | x_refsource_MISC |
Date Public
2009-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "60049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60049",
"refsource": "OSVDB",
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb",
"refsource": "MISC",
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"name": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl",
"refsource": "MISC",
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4850",
"datePublished": "2010-05-07T18:23:00.000Z",
"dateReserved": "2010-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:17:25.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2386 (GCVE-0-2009-2386)
Vulnerability from nvd – Published: 2009-07-10 15:00 – Updated: 2024-09-16 19:24
VLAI
Summary
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/35764 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/35595 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1834 | vdb-entryx_refsource_VUPEN |
| http://www.coresecurity.com/content/winds3d-viewe… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:13.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-07-10T15:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"name": "http://www.coresecurity.com/content/winds3d-viewer-advisory",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2386",
"datePublished": "2009-07-10T15:00:00.000Z",
"dateReserved": "2009-07-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:24:28.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4850 (GCVE-0-2009-4850)
Vulnerability from cvelistv5 – Published: 2010-05-07 18:23 – Updated: 2024-08-07 07:17
VLAI
Summary
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/60049 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/35764 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.metasploit.com/redmine/projects/framew… | x_refsource_MISC |
| http://www.metasploit.com/modules/exploit/windows… | x_refsource_MISC |
Date Public
2009-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "60049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60049",
"refsource": "OSVDB",
"url": "http://osvdb.org/60049"
},
{
"name": "35764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35764"
},
{
"name": "winds3d-sceneurl-command-execution(58573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58573"
},
{
"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb",
"refsource": "MISC",
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7518/entry/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb"
},
{
"name": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl",
"refsource": "MISC",
"url": "http://www.metasploit.com/modules/exploit/windows/browser/awingsoft_winds3d_sceneurl"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4850",
"datePublished": "2010-05-07T18:23:00.000Z",
"dateReserved": "2010-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:17:25.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2386 (GCVE-0-2009-2386)
Vulnerability from cvelistv5 – Published: 2009-07-10 15:00 – Updated: 2024-09-16 19:24
VLAI
Summary
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/35764 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/35595 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1834 | vdb-entryx_refsource_VUPEN |
| http://www.coresecurity.com/content/winds3d-viewe… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:13.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-07-10T15:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35764",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35764"
},
{
"name": "35595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35595"
},
{
"name": "ADV-2009-1834",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1834"
},
{
"name": "http://www.coresecurity.com/content/winds3d-viewer-advisory",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/winds3d-viewer-advisory"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2386",
"datePublished": "2009-07-10T15:00:00.000Z",
"dateReserved": "2009-07-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:24:28.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}