RSS   Vulnerabilities for 'S3dplayer web'   RSS

2009-05-29
 
CVE-2009-1792

CWE-78
 

 
The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 and 1.7.0.1 and WebPlayer (aka S3DPlayer Web) 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument (the sURL argument).

 

 >>> Vendor: Stonetrip 2 Products
S3dplayer standalone
S3dplayer web


Copyright 2024, cxsecurity.com

 

Back to Top