Internet Download Manager FTP Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with Internet Download Manager and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code. Impact Level: Application.

Solution

Upgrade to the Internet Download Manager 5.19 For updates refer to http://www.internetdownloadmanager.com/download.html

Insight

The flaw exists due to boundary error when sending certain test sequences to an 'FTP' server, which leads a stack-based buffer overflow by tricking a user into downloading a file from a specially crafted FTP URI.

Affected

Internet Download Manager version prior to 5.19

References

http://secunia.com/advisories/39446
http://secunia.com/secunia_research/2010-62/
http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0995

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

A-V Tronics InetServ POP3 Denial Of Service Vulnerability
BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
Cogent DataHub Unicode Buffer Overflow Vulnerability
Adobe Flash Player Buffer Overflow Vulnerability (Linux)
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities