Published: 18/03/2014 Updated: 09/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and previous versions allows user-assisted remote malicious users to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freedownloadmanager free download manager 3.9.3
freedownloadmanager free download manager 3.8

RCE Security Advisory wwwrcesecuritycom 1 ADVISORY INFORMATION ----------------------- Product: Free Download Manager Vendor URL: wwwfreedownloadmanagerorg Type: Stack-based Buffer Overflow [CWE-121] Date found: 2014-02-20 Date published: 2014-02-13 CVSSv2 Score: 9,3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE: ...

Free Download Manager versions 393 build 1360, 38 build 1173, 30 build 852, and possibly others are affected by a stack-based buffer overflow vulnerability Proof of concept code included ...

CWE-119 https://www.rcesecurity.com/2014/03/cve-2014-2087-free-download-manager-cdownloads_deleted-updatedownload-remote-code-execution http://www.securityfocus.com/bid/66211 http://seclists.org/fulldisclosure/2014/Mar/137 http://www.securityfocus.com/archive/1/531465/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/32332/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-2087

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect