CVE-2009-1792
N/A
N/A
Summary
The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 and 1.7.0.1 and WebPlayer (aka S3DPlayer Web) 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument (the sURL argument).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/35105
- http://secunia.com/advisories/35256
- http://www.coresecurity.com/content/StoneTrip-S3DPlayers
- http://www.securityfocus.com/archive/1/503887/100/0/threaded
References
- http://www.securityfocus.com/bid/35105
- http://secunia.com/advisories/35256
- http://www.coresecurity.com/content/StoneTrip-S3DPlayers
- http://www.securityfocus.com/archive/1/503887/100/0/threaded
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.