Intrusion Prevention

DXStudio.Firefox.Plugin.Command.Execution

Description

This indicates an attack attempt against a command execution vulnerability in DXStudio Firefox Plugin.
The vulnerability is caused by an error when the vulnerable software handles a malicious shell.execute script. It allows a remote attacker to execute arbitrary command via sending a crafted web page.

Affected Products

Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probably other versions before 3.0.29.1

Impact

System compromise

Recommended Actions

Upgrade to DX Studio Player version v3.0.29.1 or later.

CVE References

CVE-2009-2011