PT-2008-4599 · Speedbit · Download Accelerator Plus

H07

Published

2008-07-15

Updated

2017-09-29

CVE-2008-3182

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Download Accelerator Plus (DAP) versions 7.0.1.3 through 8.x

Description: A stack-based buffer overflow issue exists, allowing remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL.

Recommendations: For Download Accelerator Plus (DAP) versions 7.0.1.3 through 8.x, avoid using the software to open M3U files from untrusted sources until a patch is available. As a temporary workaround, consider disabling the handling of M3U files in DAP to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2008-3182

Affected Products

Download Accelerator Plus

PT-2008-4599 · Speedbit · Download Accelerator Plus

CVE-2008-3182

Weakness Enumeration

Related Identifiers

Affected Products

References · 8