cbcvebase.
CVE-2009-4850
published 2010-05-07

CVE-2009-4850: The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe…

PriorityP259critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
24.66%
97.6th percentile
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.

Affected

1 ranges
VendorProductVersion rangeFixed in
awingsoftawakening_winds3d_viewer_plugin

Detection & IOCsextracted from sources · hover to see the quote

otherSceneURL
versionAwingsoft Awakening Winds3D Viewer 3.5.0.9
  • Monitor browser plugin processes (IE ActiveX, Opera DLL, Firefox XPI) spawning child processes or downloading and executing .exe files via the SceneURL parameter of the Winds3D Player plugin.
  • Inspect HTTP responses with Content-Type 'application/octet-stream' delivered to browser plugin processes associated with Winds3D Player, as the exploit serves the malicious EXE payload with this content type.
  • Look for HTML pages embedding the Winds3D Player plugin (via <object> or <embed> tags) with a SceneURL property pointing to a remote .exe URL, as this is the delivery mechanism for the exploit.
  • ·The Metasploit module targets Windows only; exploitation requires the victim to be running Winds3D Player plugin version 3.5.0.9 on Firefox 3.5 or IE 8 on Windows XP SP3.
  • ·The exploit payload space is limited to 2048 bytes with a stack adjustment of -3500; payloads exceeding this space will not function correctly.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.