OSVDB ID: 86053 Title: Internet Download Manager Dial Up / VPN Username Field Local Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
Internet Download Manager is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With specially crafted data injected in to the 'Username' field in Dial up / VPN screen, a local attacker can potentially execute arbitrary code or cause a denial of service. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Integrity Solution: Solution Unknown Exploit: Exploit Public Disclosure: Third-party Verified, Uncoordinated Disclosure OSVDB: Authentication Required |
Solution |
OSVDB is not aware of a solution for this vulnerability. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |