CVE-2019-25478

GetGo Download Manager 6.2.2.3300 Buffer Overflow DoS

CVSS 8.7 HIGHEPSS 0.5%CWE-787

GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make it unavailable.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Getgosoft · GetGo Download Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.exploit-db.com/exploits/47282 https://www.vulncheck.com/advisories/getgo-download-manager-buffer-overflow-dos http://www.getgosoft.com/getgodm/