Release DateSep 17, 2009 |
Severitycritical |
ImpactSystem compromise |
DescriptionThis indicates an attack attempt against a command-execution vulnerability in the Awingsoft Awakening Winds3D Viewer plugin.The vulnerability is caused by an error when the vulnerable software handles a malicious Winds3D scene. It allows a remote attacker to execute arbitrary command by enticing the user to visit a malicious website. |
Affected ProductsAwingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5 |
Recommended ActionsTemporarily disable the affected plugin. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-2386 |
Reference/shttp://www.securityfocus.com/bid/35595 (BugTraq) |
