Adobe Download Manager AOM Buffer Overflow Vulnerability
BID:21453
Info
Adobe Download Manager AOM Buffer Overflow Vulnerability
| Bugtraq ID: | 21453 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-5856 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 05 2006 12:00AM |
| Updated: | Dec 07 2006 08:39PM |
| Credit: | Derek Soeder discovered this vulnerability. |
| Vulnerable: |
Adobe Download Manager 2.1 |
| Not Vulnerable: | |
Discussion
Adobe Download Manager AOM Buffer Overflow Vulnerability
Adobe Download Manager is affected by a remote buffer-overflow vulnerability.
An attacker can exploit this issue by crafting a malicious AOM file and enticing a user to view a webpage containing the file. A successful attack may result in arbitrary code execution.
This issue affects Adobe Download Manager 2.1 and prior versions.
Adobe Download Manager is affected by a remote buffer-overflow vulnerability.
An attacker can exploit this issue by crafting a malicious AOM file and enticing a user to view a webpage containing the file. A successful attack may result in arbitrary code execution.
This issue affects Adobe Download Manager 2.1 and prior versions.
Exploit / POC
Adobe Download Manager AOM Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution / Fix
Adobe Download Manager AOM Buffer Overflow Vulnerability
Solution:
The vendor advises customers to uninstall the application. For details, see:
http://www.adobe.com/support/security/bulletins/apsb06-19.html
http://www.adobe.com/support/downloads
Solution:
The vendor advises customers to uninstall the application. For details, see:
http://www.adobe.com/support/security/bulletins/apsb06-19.html
http://www.adobe.com/support/downloads
References
Adobe Download Manager AOM Buffer Overflow Vulnerability
References:
References:
- Adobe Homepage (Adobe)
- Vulnerability Note VU#448569 (US-CERT)
- ZDI-06-044 - Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability (Zero Day Initiative)
- Adobe Download Manager AOM Stack Buffer Overflow Vulnerability (eEye)
- Update available for buffer overflow in Adobe Download Manager (Adobe)