This Metasploit module exploits a command execution vulnerability within the DX Studio Player from Worldweaver. The player is a browser plugin for IE (ActiveX) and Firefox (dll). When an unsuspecting user visits a web page referring to a specially crafted .dxstudio document, an attacker can execute arbitrary commands. Testing was conducted using plugin version 3.0.29.0 for Firefox 2.0.0.20 and IE 6 on Windows XP SP3. In IE, the user will be prompted if they wish to allow the plug-in to access local files. This prompt appears to occur only once per server host. NOTE: This exploit uses additionally dangerous script features to write to local files!
df30ef328f778fb87ec1bedbb5fb44c049613998b97f376e12ee685cf60c921b
Core Security Technologies Advisory - The DX Studio Player Firefox plug-in suffers from a command injection vulnerability.
f5f901c9f6726f2f43e4d97c8d0750144416ef2ed9e07d3b11923f7251e90b24