2 matches found
KLA10286 WLF vulnerability in Orbit Downloader
An argument injection vulnerability was found in Orbit Downloader. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited remotely via a specially designed method call. Original advisories - Exploitation Public exploits exist for this...
CVE-2009-1064
CVE-2009-1064 targets Orbit Downloader (ActiveX control orbitmxt.dll 2.1.0.2) and affects Orbit Downloader versions 2.8.7 and earlier. The issue is an argument-injection flaw in the download method that allows a remote attacker to overwrite arbitrary files by crafting whitespace, a command-line s...