CVE

Id
69382  
CVE No.
CVE-2014-2087  
Status
Candidate  
Description
Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.  
Phase
Assigned (20140224)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
665418 69382 CVE-2014-2087 BUGTRAQ:20140313 [CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution  View
665419 69382 CVE-2014-2087 URL:http://www.securityfocus.com/archive/1/archive/1/531465/100/0/threaded  View
665420 69382 CVE-2014-2087 FULLDISC:20140313 [CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution  View
665421 69382 CVE-2014-2087 URL:http://seclists.org/fulldisclosure/2014/Mar/137  View
665422 69382 CVE-2014-2087 MISC:https://www.rcesecurity.com/2014/03/cve-2014-2087-free-download-manager-cdownloads_deleted-updatedownload-remote-code-execution  View
665423 69382 CVE-2014-2087 BID:66211  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
12593 JVNDB-2014-001468 Catfish における権限を取得される脆弱性 Catfish には、Fedora パッケージが使用されていない場合、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。 CVE-2014-2095 69382 4.6 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001468.html  View