Published: 07/01/2010 Updated: 14/02/2024

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 940

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and previous versions in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
awingsoft awakening winds3d player 3.5.0.0
awingsoft awakening winds3d viewer 3.0.0.5
awingsoft awakening winds3d viewer 3.5.0.0
awingsoft awakening winds3d player 3.0.0.5

----------------------------------------------------------------------------- AwingSoft Web3D Player (WindsPlyocx) "SceneURL()" Remote Buffer Overflow url: wwwawingsoftcom/ Author: shinnai mail: shinnai[at]autistici[dot]org site: wwwshinnainet/ Dedicated to aaannamariaaa :D This was written for educational purpose Use ...

## # $Id: awingsoft_web3d_bofrb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## ## # awingsoft_web3d_b ...

CWE-119 http://secunia.com/advisories/35764 http://www.shinnai.net/exploits/nsGUdeley3EHfKEV690p.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/51672 http://www.exploit-db.com/exploits/9116 https://nvd.nist.gov https://www.exploit-db.com/exploits/9116/

CVE-2009-4588

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect