Summary
This host has Free Download Manager installed and is prone to multiple buffer overflow vulnerabilities.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application or to compromise the application and the underlying computer.
Impact Level: Application
Solution
Upgrade to version 3.0 build 852
http://www.freedownloadmanager.org/download.htm
Insight
Multiple buffer overflow errors exist due to boundary errors when:
- opening folders within the 'Site Explorer'
- opening websites in the 'Site Explorer' functionality
- setting the directory on 'FTP' servers
- handling redirects
- sanitising the 'name' attribute of the 'file' element of metalink files before using it to download files
Affected
Free Download Manager versions prior to 3.0 build 852 on Windows.
References
Severity
Classification
- CVE: CVE-2010-0998, CVE-2010-0999
- CVSS Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)