CVE-2007-1891
https://notcve.org/view.php?id=CVE-2007-1891
Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count. Desbordamiento de búfer basado en pila en la función GetPrivateProfileSectionW del control ActiveX Akamai Technologies Download Manager (DownloadManagerV2.ocx) después de la versión 2.0.4.4 pero antes que la 2.2.1.0 permite a atacantes remotos ejecutar código de su elección , relacionado con la mala interpretación del parámetro nSize como un contador de bytes en lugar de un contador de ancho de carácter. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514 http://secunia.com/advisories/24900 http://www.kb.cert.org/vuls/id/120241 http://www.osvdb.org/34323 http://www.securityfocus.com/archive/1/465908/100/0/threaded http://www.securityfocus.com/bid/23522 http://www.securitytracker.com/id?1017925 http://www.vupen.com/english/advisories/2007/1415 •
CVE-2006-5856 – Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5856
Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file. Desbordamiento de búfer basado en pila en el Adobe Download Manager anterior a 2.2 permite a atacantes remotos ejecutar código de su elección mediante un nombre de sección largo en el fichero dm.ini, el cual es rellenado mediante un fichero AOM. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Download Manager application. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the AOM file format parser. A long [URL] element inside of a [DownloadRecord] element within an AOM file will result in a stack-based buffer overflow condition leading to execution of arbitrary code. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html http://research.eeye.com/html/advisories/published/AD20061205.html http://secunia.com/advisories/23233 http://securitytracker.com/id?1017340 http://www.adobe.com/support/security/bulletins/apsb06-19.html http://www.kb.cert.org/vuls/id/448569 http://www.securityfocus.com/archive/1/453636/100/0/threaded http://www.securityfocus.com/archive/1/453755/100/0/threaded http://www.securityfocus.com/bid/21453 •
CVE-2006-2964
https://notcve.org/view.php?id=CVE-2006-2964
Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. • http://securityreason.com/securityalert/1072 http://www.osvdb.org/26643 http://www.osvdb.org/26644 http://www.osvdb.org/26645 http://www.osvdb.org/26646 http://www.osvdb.org/26647 http://www.osvdb.org/26648 http://www.securityfocus.com/archive/1/436104/100/0/threaded http://www.securityfocus.com/archive/1/436107/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26961 •