Internet Download Manager FTP Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with Internet Download Manager and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code. Impact Level: Application.

Solution

Upgrade to the Internet Download Manager 5.19 For updates refer to http://www.internetdownloadmanager.com/download.html

Insight

The flaw exists due to boundary error when sending certain test sequences to an 'FTP' server, which leads a stack-based buffer overflow by tricking a user into downloading a file from a specially crafted FTP URI.

Affected

Internet Download Manager version prior to 5.19

References

http://secunia.com/advisories/39446
http://secunia.com/secunia_research/2010-62/
http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0995
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CCProxy CONNECTION Request Buffer Overflow Vulnerability
BSPlayer Stack Overflow Vulnerability SRT
A-V Tronics InetServ POP3 Denial Of Service Vulnerability
Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability

Take action and discover your vulnerabilities