Search...

Internet Download Manager FTP Buffer Overflow Vulnerability

2010-05-19T00:00:00

ID OPENVAS:800776
Type openvas
Reporter Copyright (c) 2010 Greenbone Networks GmbH
Modified 2017-02-20T00:00:00

Description

This host is installed with Internet Download Manager and is prone to buffer overflow vulnerability.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_internet_download_manager_bof_vuln.nasl 5374 2017-02-20 16:36:11Z cfi $
#
# Internet Download Manager FTP Buffer Overflow Vulnerability
#
# Authors:
# Madhuri D &lt;dmadhuri@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation will allow remote attackers to execute arbitrary code.
  Impact Level: Application.";
tag_affected = "Internet Download Manager version prior to 5.19";

tag_insight = "The flaw exists due to boundary error when sending certain test sequences to
  an 'FTP' server, which leads a stack-based buffer overflow by tricking a user
  into downloading a file from a specially crafted FTP URI.";
tag_solution = "Upgrade to the Internet Download Manager 5.19
  For updates refer to http://www.internetdownloadmanager.com/download.html";
tag_summary = "This host is installed with Internet Download Manager and is prone
  to buffer overflow vulnerability.";

if(description)
{
  script_id(800776);
  script_version("$Revision: 5374 $");
  script_tag(name:"last_modification", value:"$Date: 2017-02-20 17:36:11 +0100 (Mon, 20 Feb 2017) $");
  script_tag(name:"creation_date", value:"2010-05-19 14:50:39 +0200 (Wed, 19 May 2010)");
  script_cve_id("CVE-2010-0995");
  script_bugtraq_id(39822);
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_name("Internet Download Manager FTP Buffer Overflow Vulnerability");
  script_xref(name : "URL" , value : "http://secunia.com/advisories/39446");
  script_xref(name : "URL" , value : "http://secunia.com/secunia_research/2010-62/");
  script_xref(name : "URL" , value : "http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded");

  script_tag(name:"qod_type", value:"executable_version");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Buffer overflow");
  script_dependencies("secpod_reg_enum.nasl");
  script_mandatory_keys("SMB/WindowsVersion");
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  exit(0);
}


include("smb_nt.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if(!get_kb_item("SMB/WindowsVersion")){
  exit(0);
}

key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" +
       "\Internet Download Manager";
if(!registry_key_exists(key:key)){
  exit(0);
}

## Check for Internet Download Manager DisplayName
idmName = registry_get_sz(key:key, item:"DisplayName");
if("Internet Download Manager" &gt;&lt; idmName)
{
  ## Check for Internet Download Manager DisplayIcon
  idmPath = registry_get_sz(key:key + item, item:"DisplayIcon");

  if(!isnull(idmPath))
  {
    share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:idmPath);
    fire = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:idmPath);

    ## Check for Internet Download Manager .exe File Version
    idmVer = GetVer(file:fire, share:share);
    if(idmVer != NULL)
    {
      ## Check for Internet Download Manager versiom less that '5.19'
      if(version_is_less(version:idmVer, test_version:"5.19.2.1")){
        security_message(0) ;
      }
    }
  }
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:800776", "type": "openvas", "bulletinFamily": "scanner", "title": "Internet Download Manager FTP Buffer Overflow Vulnerability", "description": "This host is installed with Internet Download Manager and is prone\n to buffer overflow vulnerability.", "published": "2010-05-19T00:00:00", "modified": "2017-02-20T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=800776", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded", "http://secunia.com/secunia_research/2010-62/", "http://secunia.com/advisories/39446"], "cvelist": ["CVE-2010-0995"], "lastseen": "2017-07-02T21:09:51", "viewCount": 1, "enchantments": {"score": {"value": 8.9, "vector": "NONE", "modified": "2017-07-02T21:09:51", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-0995"]}, {"type": "seebug", "idList": ["SSV:19544"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23739", "SECURITYVULNS:VULN:10807"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310800776"]}], "modified": "2017-07-02T21:09:51", "rev": 2}, "vulnersScore": 8.9}, "pluginID": "800776", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_internet_download_manager_bof_vuln.nasl 5374 2017-02-20 16:36:11Z cfi $\n#\n# Internet Download Manager FTP Buffer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to execute arbitrary code.\n Impact Level: Application.\";\ntag_affected = \"Internet Download Manager version prior to 5.19\";\n\ntag_insight = \"The flaw exists due to boundary error when sending certain test sequences to\n an 'FTP' server, which leads a stack-based buffer overflow by tricking a user\n into downloading a file from a specially crafted FTP URI.\";\ntag_solution = \"Upgrade to the Internet Download Manager 5.19\n For updates refer to http://www.internetdownloadmanager.com/download.html\";\ntag_summary = \"This host is installed with Internet Download Manager and is prone\n to buffer overflow vulnerability.\";\n\nif(description)\n{\n script_id(800776);\n script_version(\"$Revision: 5374 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 17:36:11 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-19 14:50:39 +0200 (Wed, 19 May 2010)\");\n script_cve_id(\"CVE-2010-0995\");\n script_bugtraq_id(39822);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Internet Download Manager FTP Buffer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/39446\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/secunia_research/2010-62/\");\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!get_kb_item(\"SMB/WindowsVersion\")){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\" +\n \"\\Internet Download Manager\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\n## Check for Internet Download Manager DisplayName\nidmName = registry_get_sz(key:key, item:\"DisplayName\");\nif(\"Internet Download Manager\" >< idmName)\n{\n ## Check for Internet Download Manager DisplayIcon\n idmPath = registry_get_sz(key:key + item, item:\"DisplayIcon\");\n\n if(!isnull(idmPath))\n {\n share = ereg_replace(pattern:\"([A-Z]):.*\", replace:\"\\1$\", string:idmPath);\n fire = ereg_replace(pattern:\"[A-Z]:(.*)\", replace:\"\\1\", string:idmPath);\n\n ## Check for Internet Download Manager .exe File Version\n idmVer = GetVer(file:fire, share:share);\n if(idmVer != NULL)\n {\n ## Check for Internet Download Manager versiom less that '5.19'\n if(version_is_less(version:idmVer, test_version:\"5.19.2.1\")){\n security_message(0) ;\n }\n }\n }\n}\n", "naslFamily": "Buffer overflow", "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:44:56", "description": "Stack-based buffer overflow in Internet Download Manager (IDM) before 5.19 allows remote attackers to execute arbitrary code via a crafted FTP URI that causes unspecified \"test sequences\" to be sent from client to server.", "edition": 6, "cvss3": {}, "published": "2010-05-06T14:53:00", "title": "CVE-2010-0995", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0995"], "modified": "2018-10-10T19:55:00", "cpe": ["cpe:/a:tonec:internet_download_manager:5.18"], "id": "CVE-2010-0995", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0995", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:tonec:internet_download_manager:5.18:*:*:*:*:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T18:12:03", "description": "BUGTRAQ ID: 39822\r\nCVE ID: CVE-2010-0995\r\n\r\nInternet Download Manager\u662f\u4e00\u6b3e\u4e0b\u8f7d\u52a0\u901f\u5de5\u5177\u3002\r\n\r\nInternet Download Manager\u5728\u5411FTP\u670d\u52a1\u5668\u53d1\u9001\u67d0\u4e9b\u6d4b\u8bd5\u5e8f\u5217\u65f6\u5b58\u5728\u6808\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u7528\u6237\u53d7\u9a97\u4ece\u7279\u5236\u7684FTP URI\u4e0b\u8f7d\u4e86\u7279\u5236\u6587\u4ef6\u5c31\u53ef\u4ee5\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nTonec Internet Download Manager 5.18\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nTonec\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.internetdownloadmanager.com/", "published": "2010-05-04T00:00:00", "type": "seebug", "title": "Tonec Internet Download Manager 5.18 \u8d85\u957fFTP URI\u6808\u6ea2\u51fa\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-0995"], "modified": "2010-05-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19544", "id": "SSV:19544", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:34", "bulletinFamily": "software", "cvelist": ["CVE-2010-0995"], "description": "====================================================================== \r\n\r\n Secunia Research 30/04/2010\r\n\r\n - Internet Download Manager FTP Buffer Overflow Vulnerability -\r\n\r\n====================================================================== \r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nVendor's Description of Software.....................................3\r\nDescription of Vulnerability.........................................4\r\nSolution.............................................................5\r\nTime Table...........................................................6\r\nCredits..............................................................7\r\nReferences...........................................................8\r\nAbout Secunia........................................................9\r\nVerification........................................................10\r\n\r\n====================================================================== \r\n1) Affected Software \r\n\r\n* Internet Download Manager version 5.18\r\n\r\nNOTE: Other versions may also be affected.\r\n\r\n====================================================================== \r\n2) Severity \r\n\r\nRating: Highly critical\r\nImpact: System access\r\nWhere: Remote\r\n\r\n====================================================================== \r\n3) Vendor's Description of Software \r\n\r\n"Internet Download Manager (IDM) is a tool to increase download speeds\r\nby up to 5 times, resume and schedule downloads. Comprehensive error\r\nrecovery and resume capability will restart broken or interrupted \r\ndownloads due to lost connections, network problems, computer \r\nshutdowns, or unexpected power outages.".\r\n\r\nProduct Link:\r\nhttp://www.internetdownloadmanager.com/\r\n\r\n====================================================================== \r\n4) Description of Vulnerability\r\n\r\nSecunia Research has discovered a vulnerability in Internet Download\r\nManager, which can be exploited by malicious people to compromise a \r\nuser's system.\r\n\r\nThe vulnerability is caused by a boundary error when sending certain \r\ntest sequences to an FTP server. This can be exploited to cause a \r\nstack-based buffer overflow by e.g. tricking a user into downloading \r\na file from a specially crafted FTP URI.\r\n\r\nSuccessful exploitation allows execution of arbitrary code.\r\n\r\n====================================================================== \r\n5) Solution \r\n\r\nUpdate to version 5.19.\r\n\r\n====================================================================== \r\n6) Time Table \r\n\r\n16/04/2010 - Vendor notified.\r\n22/04/2010 - Vendor response.\r\n27/04/2010 - Vendor releases fixed version.\r\n30/04/2010 - Public disclosure.\r\n\r\n====================================================================== \r\n7) Credits \r\n\r\nDiscovered by Stefan Cornelius, Secunia Research.\r\n\r\n====================================================================== \r\n8) References\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \r\nCVE-2010-0995 for the vulnerability.\r\n\r\n====================================================================== \r\n9) About Secunia\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://secunia.com/advisories/business_solutions/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private \r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/advisories/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the \r\nsecurity and reliability of software in general:\r\n\r\nhttp://secunia.com/secunia_research/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/corporate/jobs/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/advisories/mailing_lists/\r\n\r\n====================================================================== \r\n10) Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2010-62/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================", "edition": 1, "modified": "2010-04-30T00:00:00", "published": "2010-04-30T00:00:00", "id": "SECURITYVULNS:DOC:23739", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23739", "title": "Secunia Research: Internet Download Manager FTP Buffer Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:36", "bulletinFamily": "software", "cvelist": ["CVE-2010-0995"], "description": "Buffer overflow on ftp:// URI processing.", "edition": 1, "modified": "2010-04-30T00:00:00", "published": "2010-04-30T00:00:00", "id": "SECURITYVULNS:VULN:10807", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10807", "title": "Internet Download Manager buffer overflow", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2020-03-06T19:03:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0995"], "description": "This host is installed with Internet Download Manager and is prone\n to a buffer overflow vulnerability.", "modified": "2020-03-04T00:00:00", "published": "2010-05-19T00:00:00", "id": "OPENVAS:1361412562310800776", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800776", "type": "openvas", "title": "Internet Download Manager FTP Buffer Overflow Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Internet Download Manager FTP Buffer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800776\");\n script_version(\"2020-03-04T08:41:18+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 08:41:18 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-05-19 14:50:39 +0200 (Wed, 19 May 2010)\");\n script_cve_id(\"CVE-2010-0995\");\n script_bugtraq_id(39822);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Internet Download Manager FTP Buffer Overflow Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/39446\");\n script_xref(name:\"URL\", value:\"http://secunia.com/secunia_research/2010-62/\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/511060/100/0/threaded\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to boundary error when sending certain test sequences to\n an 'FTP' server, which leads a stack-based buffer overflow by tricking a user\n into downloading a file from a specially crafted FTP URI.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Internet Download Manager 5.19.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Internet Download Manager and is prone\n to a buffer overflow vulnerability.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"Internet Download Manager version prior to 5.19.\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!get_kb_item(\"SMB/WindowsVersion\"))\n exit(0);\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Internet Download Manager\";\nif(!registry_key_exists(key:key))\n exit(0);\n\nidmName = registry_get_sz(key:key, item:\"DisplayName\");\nif(\"Internet Download Manager\" >< idmName) {\n idmPath = registry_get_sz(key:key, item:\"DisplayIcon\");\n\n if(idmPath) {\n share = ereg_replace(pattern:\"([A-Z]):.*\", replace:\"\\1$\", string:idmPath);\n fire = ereg_replace(pattern:\"[A-Z]:(.*)\", replace:\"\\1\", string:idmPath);\n\n idmVer = GetVer(file:fire, share:share);\n if(idmVer) {\n if(version_is_less(version:idmVer, test_version:\"5.19.2.1\")) {\n report = report_fixed_ver(installed_version:idmVer, fixed_version:\"5.19.2.1\", file_checked:idmPath);\n security_message(port:0, data:report);\n }\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}