CVE-2009-2386

Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
awingsoftawakening_winds3d_viewer_plugin
3.0.0.5
awingsoftawakening_winds3d_viewer_plugin
3.5.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/35764
http://www.coresecurity.com/content/winds3d-viewer-advisory
http://www.securityfocus.com/bid/35595
http://www.vupen.com/english/advisories/2009/1834
http://secunia.com/advisories/35764
http://www.coresecurity.com/content/winds3d-viewer-advisory
http://www.securityfocus.com/bid/35595
http://www.vupen.com/english/advisories/2009/1834