PT-2008-4599 · Speedbit · Download Accelerator Plus

H07

Publicado

2008-07-15

Atualizado

2017-09-29

CVE-2008-3182

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Download Accelerator Plus (DAP) versions 7.0.1.3 through 8.x

Description: A stack-based buffer overflow issue exists, allowing remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL.

Recommendations: For Download Accelerator Plus (DAP) versions 7.0.1.3 through 8.x, avoid using the software to open M3U files from untrusted sources until a patch is available. As a temporary workaround, consider disabling the handling of M3U files in DAP to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2008-3182

Produtos afetados

Download Accelerator Plus

PT-2008-4599 · Speedbit · Download Accelerator Plus

CVE-2008-3182

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8