← voltar
CVE-2019-25628

Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow

CVSS 9.3 CRITICALEPSS 0.8%CWE-787
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Speedbit · Download Accelerator Plus DAP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.exploit-db.com/exploits/46673https://www.vulncheck.com/advisories/download-accelerator-plus-dap-seh-buffer-overflowhttp://www.speedbit.com/dap/http://www.speedbit.com/dap/download/downloading.asp