Computer Security
[EN] securityvulns.ru no-pyccku


Free Download Manager multiple security vulnerabilities
Published:14.05.2010
Source:
SecurityVulns ID:10839
Type:client
Threat Level:
6/10
Description:Buffer overflows, directory traversals.
Affected:FREEDOWNLOADMANA : Free Download Manager 3.0
CVE:CVE-2010-0999 (Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.)
 CVE-2010-0998 (Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI, or (4) a redirect.)
Original documentdocumentSECUNIA, Secunia Research: Free Download Manager metalink "name" Directory Traversal (14.05.2010)
 documentSECUNIA, Secunia Research: Free Download Manager Four Buffer Overflow Vulnerabilities (14.05.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod