Orbit Downloader Connecting log message buffer overflow

2009-03-04T00:00:00
ID SAINT:93756EF31B4C8181A68DCA3D8204F84A
Type saint
Reporter SAINT Corporation
Modified 2009-03-04T00:00:00

Description

Added: 03/04/2009
CVE: CVE-2009-0187
BID: 33894
OSVDB: 52294

Background

Orbit Downloader is a download manager supporting various protocols.

Problem

A buffer overflow vulnerability when constructing "Connecting" log messages allows command execution when a user loads an HTTP URL with a long, specially crafted hostname.

Resolution

Upgrade to Orbit Downloader 2.8.5.

References

<http://secunia.com/secunia_research/2009-9/>

Limitations

Exploit works on Orbit Downloader 2.8.4 and requires a user to load the exploit page in Internet Explorer 6.

Platforms

Windows