SECUNIA ADVISORY ID: SA42524
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42524/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-06
DESCRIPTION: A vulnerability has been discovered in Google Earth, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll and quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a KMZ file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 5.1.3533.1731. Other versions may also be affected.
SOLUTION: Upgrade to version 6.0.
PROVIDED AND/OR DISCOVERED BY: Taeho Kwon and Zhendong Su
Google Earth Insecure Library Loading VulnerabilityPosted on Monday, December 06, 2010 @ 15:46:39 CST in Security Associated Topics
 |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
