Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file.
Published 2009-02-03 19:30:00
Updated 2018-10-11 21:00:35
View at NVD,   CVE.org
Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2009-0184

67.18%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2009-0184

  • Free Download Manager Torrent Parsing Buffer Overflow
    Disclosure Date: 2009-02-02
    First seen: 2020-04-26
    exploit/windows/fileformat/fdm_torrent
    This module exploits a stack buffer overflow in Free Download Manager 3.0 Build 844. Arbitrary code execution could occur when parsing a specially crafted torrent file. Authors: - SkD <skdrat@hotmail.com> - jduck <jduck@metasploit.com>

CVSS scores for CVE-2009-0184

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
9.3
HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
NIST

CWE ids for CVE-2009-0184

References for CVE-2009-0184

Products affected by CVE-2009-0184

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!