Vulnerability CVE-2009-2011

Vulnerability CVE-2009-2011

Published: 2009-06-16 Modified: 2012-02-13

Description:

	Topic	Author	Date
High	DX Studio Player Firefox plug-in command injection	CORE Security Te...	18.06.2009

Type:

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

CVSS Base Score	Impact Subscore	Exploitability Subscore
9.3/10	10/10	8.6/10

Affected software
Dxstudio -> Dx studio player

http://www.coresecurity.com/content/DXStudio-player-firefox-plugin

http://www.dxstudio.com/forumtopic.aspx?topicid=b4152459-fb5f-4933-b700-b3fbd54f6bfd

http://www.securityfocus.com/archive/1/504195/100/0/threaded

http://www.securityfocus.com/bid/35273

http://www.vupen.com/english/advisories/2009/1561

https://exchange.xforce.ibmcloud.com/vulnerabilities/51035

https://www.exploit-db.com/exploits/8922