SAINT Corporation SAINT:F122DF3EB7597170CA5854E260D027C4
Mar 04, 2009 - 12:00 a.m.

Orbit Downloader Connecting log message buffer overflow

2009-03-04 00:00:00
SAINT Corporation
www.saintcorporation.com
EPSS: 0.968 (High), percentile 99.6%

Added: 03/04/2009
CVE: CVE-2009-0187
BID: 33894
OSVDB: 52294

Background

Orbit Downloader is a download manager supporting various protocols.

Problem

A buffer overflow in the construction of “Connecting” log messages allows command execution when a user loads an HTTP URL with a long, specially crafted hostname.

Resolution

Upgrade to Orbit Downloader 2.8.5.

References

<http://secunia.com/secunia_research/2009-9/>

Limitations

Exploit works on Orbit Downloader 2.8.4 and requires a user to load the exploit page in Internet Explorer 6.

Platforms

Windows
