Winds3D Viewer 'GetURL()' Arbitrary File Download Vulnerability

Winds3D Viewer 'GetURL()' Arbitrary File Download Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following exploit is available:

/data/vulnerabilities/exploits/35595.usr