4 results (0.027 seconds)

CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0

Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. Vulnerabilidad de salto de directorio en Free Download Manager (FDM) anteriores a v3.0.852, permite a atacantes remotos crear ficheros de su elección al utilizar caracteres .. (punto punto) en el atributo nombre de un elemento fichero en un fichero metalink. • http://osvdb.org/64670 http://secunia.com/secunia_research/2010-67 http://www.securityfocus.com/archive/1/511284/100/0/threaded http://www.securityfocus.com/bid/40152 https://exchange.xforce.ibmcloud.com/vulnerabilities/58627 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7284 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 23%CPEs: 9EXPL: 0

Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI, or (4) a redirect. Múltiple desbordamiento de búfer basado en pila en Free Download Manager (FDM) anteriores a v3.0.852, permite a atacantes remotos ejecutar código de su elección a través de vectores que implican las características (1) "folders" en Site Explorer, (2) cathe websites Site Explorer, (3) un FTP URI, o (4) redirect. • http://osvdb.org/64671 http://osvdb.org/64672 http://osvdb.org/64673 http://osvdb.org/64674 http://secunia.com/advisories/39447 http://secunia.com/secunia_research/2010-68 http://www.securityfocus.com/archive/1/511282/100/0/threaded http://www.securityfocus.com/bid/40146 https://exchange.xforce.ibmcloud.com/vulnerabilities/58626 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 67%CPEs: 2EXPL: 2

Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file. Múltiple desbordamiento de búfer en la implementación del torrent parsing en Free Download Manager (FDM) v2.5 Build 758 y v3.0 Build 844 permite a atacantes remotos ejecutar código de su elección a través de (1) un nombre de fichero largo sin un fichero torrent, (2) una dirección de tracker URL larga en un fichero torrent, o (3) un comentario largo en un fichero torrent. • https://www.exploit-db.com/exploits/10009 https://www.exploit-db.com/exploits/16634 http://secunia.com/advisories/33524 http://secunia.com/secunia_research/2009-5 http://www.securityfocus.com/archive/1/500605/100/0/threaded http://www.securityfocus.com/bid/33555 http://www.vupen.com/english/advisories/2009/0302 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 74%CPEs: 2EXPL: 2

Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request. Desbordamiento del búfer basado en pila en Remote Control Server de Free Download Manager (FDM) v2.5 Build 758 y v3.0 Build 844; permite a atacantes remotos ejecutar código de su elección a través de una cabecera larga Authorization en una petición HTTP. • https://www.exploit-db.com/exploits/7986 https://www.exploit-db.com/exploits/16777 http://osvdb.org/51745 http://secunia.com/advisories/33524 http://secunia.com/secunia_research/2009-3 http://www.securityfocus.com/archive/1/500604/100/0/threaded http://www.securityfocus.com/bid/33554 http://www.vupen.com/english/advisories/2009/0302 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •