SECUNIA ADVISORY ID: SA42524
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42524/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-06
DESCRIPTION: A vulnerability has been discovered in Google Earth, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll and quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a KMZ file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 5.1.3533.1731. Other versions may also be affected.
SOLUTION: Upgrade to version 6.0.
PROVIDED AND/OR DISCOVERED BY: Taeho Kwon and Zhendong Su
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3863
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3863