Описание
Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:freedownloadmanager:free_download_manager:3.8:*:*:*:*:*:*:*
cpe:2.3:a:freedownloadmanager:free_download_manager:3.9.3:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.41329
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.
EPSS
Процентиль: 97%
0.41329
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119