Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
BID:40146
Info
Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 40146 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2010-0998 |
| Remote: | Yes |
| Local: | No |
| Published: | May 13 2010 12:00AM |
| Updated: | May 13 2010 12:00AM |
| Credit: | Stefan Cornelius, Secunia Research |
| Vulnerable: |
Freedownloadmanager Free Download Manager 3.0.Build 850 Freedownloadmanager Free Download Manager 3.0.Build 848 Freedownloadmanager Free Download Manager 3.0.Build 844 Freedownloadmanager Free Download Manager 2.5 Build 758 |
| Not Vulnerable: |
Freedownloadmanager Free Download Manager 3.0.Build 852 |
Discussion
Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
Free Download Manager is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input.
Attackers can leverage these issues to execute arbitrary code in the context of the application. Successful exploits can compromise the application and the underlying computer. Failed attacks will cause denial-of-service conditions.
Versions prior to Free Download Manager 3.0 build 852 are vulnerable.
Free Download Manager is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input.
Attackers can leverage these issues to execute arbitrary code in the context of the application. Successful exploits can compromise the application and the underlying computer. Failed attacks will cause denial-of-service conditions.
Versions prior to Free Download Manager 3.0 build 852 are vulnerable.
Exploit / POC
Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
Solution:
Reportedly, the vendor released updates to address these issues, but Symantec has not confirmed this information. Please see the references and contact the vendor for more information.
Solution:
Reportedly, the vendor released updates to address these issues, but Symantec has not confirmed this information. Please see the references and contact the vendor for more information.
References
Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
References:
References:
- Free Download Manager Four Buffer Overflow Vulnerabilities (Secunia Research)
- Free Download Manager Homepage (Free Download Manager)
- Secunia Research: Free Download Manager Four Buffer Overflow Vulnerabilities (Secunia Research
)