Artlantis Studio is prone to a vulnerability that may allow execution of mfc90loc.dll if this dll is located in the same folder than a .ATL file. The attacker must entice a victim into opening a specially crafted .ATL file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Tuesday, February 15, 2011 - 18:00