Awingsoft: >> Awakening Winds3d Viewer Plugin Security Vulnerabilities
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
CVSS Score
9.3
EPSS Score
0.637
Published
2010-05-07
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.
CVSS Score
9.3
EPSS Score
0.053
Published
2009-07-10