DXStudio.Firefox.Plugin.Command.Execution

Release Date Sep 24, 2009
Severity high
Impact System compromise
Description This indicates an attack attempt against a command execution vulnerability in DXStudio Firefox Plugin. The vulnerability is caused by an error when the vulnerable software handles a malicious shell.execute script. It allows a remote attacker to execute arbitrary command via sending a crafted web page.
Affected Products Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probably other versions before 3.0.29.1
Recommended Actions Upgrade to DX Studio Player version v3.0.29.1 or later.
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2009-2011
Reference/s http://www.securityfocus.com/bid/25273 (BugTraq)

Fortinet