Free Download Manager Multiple Buffer Overflow Vulnerabilities Network Vulnerability

Summary

This host has Free Download Manager installed and is prone to multiple buffer overflow vulnerabilites.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application or to compromise the application and the underlying computer. Impact Level: Application

Solution

Upgrade to version 3.0 bulid 852 http://www.freedownloadmanager.org/download.htm

Insight

Multiple buffer overflow errors exists due to boundary errors when, - opening folders within the 'Site Explorer' - opening websites in the 'Site Explorer' functionality - setting the directory on 'FTP' servers - handling redirects and - Sanitising the 'name' attribute of the 'file' element of metalink files before using it to download files.

Affected

Free Download Manager version prior to 3.0 build 852 on Windows.

References

http://secunia.com/advisories/39447
http://secunia.com/secunia_research/2010-68/
http://www.securityfocus.com/archive/1/archive/1/511282/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0998, CVE-2010-0999
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ALLMediaServer Request Handling Stack Buffer Overflow Vulnerability
Alpine tmail and dmail Buffer Overflow Vulnerabilities (Win)
Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control BOF Vulnerability
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities