exploitDog

CVE-2020-23060

Опубликовано: 22 окт. 2021

Источник: nvd

CVSS3: 7.1

CVSS2: 6.6

EPSS Низкий

Описание

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file.

Ссылки

https://cwe.mitre.org/data/definitions/121.html
Third Party Advisory
https://www.vulnerability-lab.com/get_content.php?id=2236
Exploit
Third Party Advisory
https://cwe.mitre.org/data/definitions/121.html
Third Party Advisory
https://www.vulnerability-lab.com/get_content.php?id=2236
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tonec:internet_download_manager:6.37.11.1:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.0005

Низкий

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-x2ww-38f7-xq37

CVSS3: 7.1

github

больше 3 лет назад

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file.

EPSS

Процентиль: 16%

0.0005

Низкий

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-787