Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for download_manager by adobe

    CVE-2022-2926 (GCVE-0-2022-2926)

    Vulnerability from nvd – Published: 2022-09-26 12:35 – Updated: 2025-05-21 16:23
    VLAI
    Title
    Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal
    Summary
    The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Download Manager Affected: 3.2.55 , < 3.2.55 (custom)
    Create a notification for this product.
    Credits
    Raad Haddad of Cloudyrion GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:52:59.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2926",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-21T16:23:04.080152Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-21T16:23:31.411Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Download Manager",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "3.2.55",
                  "status": "affected",
                  "version": "3.2.55",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Raad Haddad of Cloudyrion GmbH"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-26T12:35:35.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Download Manager \u003c 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2022-2926",
              "STATE": "PUBLIC",
              "TITLE": "Download Manager \u003c 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "3.2.55",
                                "version_value": "3.2.55"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Raad Haddad of Cloudyrion GmbH"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory"
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-2926",
        "datePublished": "2022-09-26T12:35:35.000Z",
        "dateReserved": "2022-08-22T00:00:00.000Z",
        "dateUpdated": "2025-05-21T16:23:31.411Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9688 (GCVE-0-2020-9688)

    Vulnerability from nvd – Published: 2020-07-17 00:01 – Updated: 2024-08-04 10:34
    VLAI
    Summary
    Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Download Manager Affected: version 2.0.0.518
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Download Manager",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.0.0.518"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-17T00:01:33.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.0.0.518"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/adm/apsb20-49.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9688",
        "datePublished": "2020-07-17T00:01:33.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:34:39.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8071 (GCVE-0-2019-8071)

    Vulnerability from nvd – Published: 2019-10-17 18:03 – Updated: 2024-08-04 21:10
    VLAI
    Summary
    Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
    Severity
    No CVSS data available.
    CWE
    • Insecure file permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Download Manager Affected: 2.0.0.363 versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:10:32.494Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Download Manager",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0.363 versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insecure file permissions",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T18:03:12.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2019-8071",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.0.363 versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure file permissions"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/adm/apsb19-51.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2019-8071",
        "datePublished": "2019-10-17T18:03:12.000Z",
        "dateReserved": "2019-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:10:32.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0189 (GCVE-0-2010-0189)

    Vulnerability from nvd – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
    VLAI
    Summary
    A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-02-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:37:54.133Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
              },
              {
                "name": "1023651",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023651"
              },
              {
                "name": "38313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38313"
              },
              {
                "name": "ADV-2010-0459",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0459"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=5505"
              },
              {
                "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
              },
              {
                "name": "38729",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38729"
              },
              {
                "name": "oval:org.mitre.oval:def:7182",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
              },
              {
                "name": "62547",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/62547"
              },
              {
                "name": "adobe-dlmanager-unspecified-file-download(56370)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
            },
            {
              "name": "1023651",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023651"
            },
            {
              "name": "38313",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38313"
            },
            {
              "name": "ADV-2010-0459",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0459"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=5505"
            },
            {
              "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
            },
            {
              "name": "38729",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38729"
            },
            {
              "name": "oval:org.mitre.oval:def:7182",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
            },
            {
              "name": "62547",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/62547"
            },
            {
              "name": "adobe-dlmanager-unspecified-file-download(56370)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2010-0189",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.adobe.com/support/security/bulletins/apsb10-08.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
                },
                {
                  "name": "1023651",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023651"
                },
                {
                  "name": "38313",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38313"
                },
                {
                  "name": "ADV-2010-0459",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0459"
                },
                {
                  "name": "http://blogs.zdnet.com/security/?p=5505",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=5505"
                },
                {
                  "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
                },
                {
                  "name": "http://www.akitasecurity.nl/advisory.php?id=AK20090401",
                  "refsource": "MISC",
                  "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
                },
                {
                  "name": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx",
                  "refsource": "MISC",
                  "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
                },
                {
                  "name": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html",
                  "refsource": "MISC",
                  "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
                },
                {
                  "name": "38729",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38729"
                },
                {
                  "name": "oval:org.mitre.oval:def:7182",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
                },
                {
                  "name": "62547",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/62547"
                },
                {
                  "name": "adobe-dlmanager-unspecified-file-download(56370)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2010-0189",
        "datePublished": "2010-02-23T20:00:00.000Z",
        "dateReserved": "2010-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:37:54.133Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5856 (GCVE-0-2006-5856)

    Vulnerability from nvd – Published: 2006-12-06 19:00 – Updated: 2024-08-07 20:04
    VLAI
    Summary
    Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-12-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:04:55.685Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
              },
              {
                "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
              },
              {
                "name": "23233",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23233"
              },
              {
                "name": "VU#448569",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/448569"
              },
              {
                "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
              },
              {
                "name": "21453",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21453"
              },
              {
                "name": "adobe-download-aom-bo(30742)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
              },
              {
                "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
              },
              {
                "name": "1017340",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017340"
              },
              {
                "name": "ADV-2006-4867",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4867"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
            },
            {
              "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
            },
            {
              "name": "23233",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23233"
            },
            {
              "name": "VU#448569",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/448569"
            },
            {
              "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
            },
            {
              "name": "21453",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21453"
            },
            {
              "name": "adobe-download-aom-bo(30742)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
            },
            {
              "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
            },
            {
              "name": "1017340",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017340"
            },
            {
              "name": "ADV-2006-4867",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4867"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5856",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
                },
                {
                  "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
                },
                {
                  "name": "23233",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23233"
                },
                {
                  "name": "VU#448569",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/448569"
                },
                {
                  "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
                },
                {
                  "name": "21453",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21453"
                },
                {
                  "name": "adobe-download-aom-bo(30742)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
                },
                {
                  "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
                },
                {
                  "name": "1017340",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017340"
                },
                {
                  "name": "ADV-2006-4867",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4867"
                },
                {
                  "name": "http://research.eeye.com/html/advisories/published/AD20061205.html",
                  "refsource": "MISC",
                  "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
                },
                {
                  "name": "http://www.adobe.com/support/security/bulletins/apsb06-19.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5856",
        "datePublished": "2006-12-06T19:00:00.000Z",
        "dateReserved": "2006-11-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:04:55.685Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2926 (GCVE-0-2022-2926)

    Vulnerability from cvelistv5 – Published: 2022-09-26 12:35 – Updated: 2025-05-21 16:23
    VLAI
    Title
    Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal
    Summary
    The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Unknown Download Manager Affected: 3.2.55 , < 3.2.55 (custom)
    Create a notification for this product.
    Credits
    Raad Haddad of Cloudyrion GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:52:59.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2926",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-21T16:23:04.080152Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-21T16:23:31.411Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Download Manager",
              "vendor": "Unknown",
              "versions": [
                {
                  "lessThan": "3.2.55",
                  "status": "affected",
                  "version": "3.2.55",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Raad Haddad of Cloudyrion GmbH"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-26T12:35:35.000Z",
            "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            "shortName": "WPScan"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Download Manager \u003c 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal",
          "x_generator": "WPScan CVE Generator",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "contact@wpscan.com",
              "ID": "CVE-2022-2926",
              "STATE": "PUBLIC",
              "TITLE": "Download Manager \u003c 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "3.2.55",
                                "version_value": "3.2.55"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Unknown"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Raad Haddad of Cloudyrion GmbH"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory"
                }
              ]
            },
            "generator": "WPScan CVE Generator",
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785",
                  "refsource": "MISC",
                  "url": "https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "assignerShortName": "WPScan",
        "cveId": "CVE-2022-2926",
        "datePublished": "2022-09-26T12:35:35.000Z",
        "dateReserved": "2022-08-22T00:00:00.000Z",
        "dateUpdated": "2025-05-21T16:23:31.411Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9688 (GCVE-0-2020-9688)

    Vulnerability from cvelistv5 – Published: 2020-07-17 00:01 – Updated: 2024-08-04 10:34
    VLAI
    Summary
    Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Download Manager Affected: version 2.0.0.518
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Download Manager",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.0.0.518"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-17T00:01:33.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.0.0.518"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/adm/apsb20-49.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/adm/apsb20-49.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9688",
        "datePublished": "2020-07-17T00:01:33.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:34:39.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8071 (GCVE-0-2019-8071)

    Vulnerability from cvelistv5 – Published: 2019-10-17 18:03 – Updated: 2024-08-04 21:10
    VLAI
    Summary
    Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
    Severity
    No CVSS data available.
    CWE
    • Insecure file permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Download Manager Affected: 2.0.0.363 versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:10:32.494Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Download Manager",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0.363 versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insecure file permissions",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T18:03:12.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2019-8071",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Download Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.0.363 versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure file permissions"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/adm/apsb19-51.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/adm/apsb19-51.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2019-8071",
        "datePublished": "2019-10-17T18:03:12.000Z",
        "dateReserved": "2019-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:10:32.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0189 (GCVE-0-2010-0189)

    Vulnerability from cvelistv5 – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
    VLAI
    Summary
    A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-02-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:37:54.133Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
              },
              {
                "name": "1023651",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023651"
              },
              {
                "name": "38313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38313"
              },
              {
                "name": "ADV-2010-0459",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0459"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=5505"
              },
              {
                "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
              },
              {
                "name": "38729",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38729"
              },
              {
                "name": "oval:org.mitre.oval:def:7182",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
              },
              {
                "name": "62547",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/62547"
              },
              {
                "name": "adobe-dlmanager-unspecified-file-download(56370)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
            },
            {
              "name": "1023651",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023651"
            },
            {
              "name": "38313",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38313"
            },
            {
              "name": "ADV-2010-0459",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0459"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=5505"
            },
            {
              "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
            },
            {
              "name": "38729",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38729"
            },
            {
              "name": "oval:org.mitre.oval:def:7182",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
            },
            {
              "name": "62547",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/62547"
            },
            {
              "name": "adobe-dlmanager-unspecified-file-download(56370)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2010-0189",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.adobe.com/support/security/bulletins/apsb10-08.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.adobe.com/support/security/bulletins/apsb10-08.html"
                },
                {
                  "name": "1023651",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023651"
                },
                {
                  "name": "38313",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38313"
                },
                {
                  "name": "ADV-2010-0459",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0459"
                },
                {
                  "name": "http://blogs.zdnet.com/security/?p=5505",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=5505"
                },
                {
                  "name": "20100223 Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856"
                },
                {
                  "name": "http://www.akitasecurity.nl/advisory.php?id=AK20090401",
                  "refsource": "MISC",
                  "url": "http://www.akitasecurity.nl/advisory.php?id=AK20090401"
                },
                {
                  "name": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx",
                  "refsource": "MISC",
                  "url": "http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx"
                },
                {
                  "name": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html",
                  "refsource": "MISC",
                  "url": "http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html"
                },
                {
                  "name": "38729",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38729"
                },
                {
                  "name": "oval:org.mitre.oval:def:7182",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182"
                },
                {
                  "name": "62547",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/62547"
                },
                {
                  "name": "adobe-dlmanager-unspecified-file-download(56370)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56370"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2010-0189",
        "datePublished": "2010-02-23T20:00:00.000Z",
        "dateReserved": "2010-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:37:54.133Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5856 (GCVE-0-2006-5856)

    Vulnerability from cvelistv5 – Published: 2006-12-06 19:00 – Updated: 2024-08-07 20:04
    VLAI
    Summary
    Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-12-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:04:55.685Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
              },
              {
                "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
              },
              {
                "name": "23233",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23233"
              },
              {
                "name": "VU#448569",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/448569"
              },
              {
                "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
              },
              {
                "name": "21453",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21453"
              },
              {
                "name": "adobe-download-aom-bo(30742)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
              },
              {
                "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
              },
              {
                "name": "1017340",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017340"
              },
              {
                "name": "ADV-2006-4867",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4867"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
            },
            {
              "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
            },
            {
              "name": "23233",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23233"
            },
            {
              "name": "VU#448569",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/448569"
            },
            {
              "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
            },
            {
              "name": "21453",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21453"
            },
            {
              "name": "adobe-download-aom-bo(30742)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
            },
            {
              "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
            },
            {
              "name": "1017340",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017340"
            },
            {
              "name": "ADV-2006-4867",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4867"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5856",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-044/"
                },
                {
                  "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/453636/100/0/threaded"
                },
                {
                  "name": "23233",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23233"
                },
                {
                  "name": "VU#448569",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/448569"
                },
                {
                  "name": "20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/453755/100/0/threaded"
                },
                {
                  "name": "21453",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21453"
                },
                {
                  "name": "adobe-download-aom-bo(30742)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30742"
                },
                {
                  "name": "20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html"
                },
                {
                  "name": "1017340",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017340"
                },
                {
                  "name": "ADV-2006-4867",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4867"
                },
                {
                  "name": "http://research.eeye.com/html/advisories/published/AD20061205.html",
                  "refsource": "MISC",
                  "url": "http://research.eeye.com/html/advisories/published/AD20061205.html"
                },
                {
                  "name": "http://www.adobe.com/support/security/bulletins/apsb06-19.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.adobe.com/support/security/bulletins/apsb06-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5856",
        "datePublished": "2006-12-06T19:00:00.000Z",
        "dateReserved": "2006-11-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:04:55.685Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }