Some vulnerabilities have been reported in Awingsoft Winds3D Viewer, which can be exploited by malicious people to compromise a user's system.
1) An input validation error in the handling of the "GetURL()" method can be exploited to execute arbitrary programs on a system. Because the plug-in also allows arbitrary files to be downloaded to a system, the two issues can be combined to execute arbitrary code, for example when a user visits a malicious website.
2) A boundary error in the handling of the "SceneUrl()" method can be exploited to cause a heap-based buffer overflow by supplying an overly long argument.
The vulnerabilities are reported in versions 18.104.22.168 and 22.214.171.124 Beta. Other versions may also be affected.
3) An error in the implementation of the "SceneUrl" property can be exploited to download and execute arbitrary files.
The vulnerability is confirmed in version 126.96.36.199 for Internet Explorer. Other versions may also be affected.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
Solution: Disable the plug-in.
Provided and/or discovered by: 1) Diego Juarez, Core Security Technologies.
3) Reported by jduck in a Metasploit module.
Original Advisory: Core Security:
Subject: Winds3D Viewer Multiple Vulnerabilities