Pixia is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder as a .PXA file. The attacker must entice a victim into opening a specially crafted .PXA file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Thursday, February 17, 2011 - 00:00