Vulnerability Description
Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Free Download Manager | Free Download Manager | 2.5 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33524Vendor Advisory
- http://secunia.com/secunia_research/2009-5/Vendor Advisory
- http://www.securityfocus.com/archive/1/500605/100/0/threaded
- http://www.securityfocus.com/bid/33555
- http://www.vupen.com/english/advisories/2009/0302
- http://secunia.com/advisories/33524Vendor Advisory
- http://secunia.com/secunia_research/2009-5/Vendor Advisory
- http://www.securityfocus.com/archive/1/500605/100/0/threaded
- http://www.securityfocus.com/bid/33555
- http://www.vupen.com/english/advisories/2009/0302
FAQ
What is CVE-2009-0184?
CVE-2009-0184 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name...
How severe is CVE-2009-0184?
CVE-2009-0184 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0184?
Check the references section above for vendor advisories and patch information. Affected products include: Free Download Manager Free Download Manager.