In association with heise online

10 June 2009, 10:48

Vulnerability in DX Studio Player allows remote control of Windows machines

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Firefox plug-in for the 3D game development environment DX Studio has a critical vulnerability which could allow an attacker to take control of a victims Windows machine. For an attack to be successful, the victim must visit a web site with a malicious .dxstudio file. According to the advisory from Core Security, the plug-in for Internet Explorer is also affected, however, IE issues a warning message about the security implications of allowing the .dxstudio file to run. With Firefox, there is no such warning.

Versions 3.0.29.0, 3.0.22.0 and 3.0.12.0 of DX Studio Player are affected. Previous versions of the DX Studio Player are also likely to be affected. The 3.0.29.1 release fixes the problems. The developers advise all users to update to the new version as soon as possible.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-741969
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit