3 matches found
KLA10042 Critical vulnerability in Adobe Download Manager
Improper request validation at NOS Microsystems getPlus Download Manager was found in Adobe Download Manager. Malicious users can exploit this vulnerability to bypass security and install arbitrary programs via a specially designed download site name. Original advisories Adobe bulletin Related...
iDefense Security Advisory 02.23.10: Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability
iDefense Security Advisory 02.23.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 23, 2010 I. BACKGROUND The getPlus Downloader is an application download and installation manager, distributed in the form of an ActiveX control. This control is used by Adobe Systems Inc. to install...
CVE-2010-0189
The CVE-2010-0189 issue targets Adobe Download Manager’s getPlus ActiveX control (NOS Microsystems) version 1.5.2.35, where insufficient domain-name validation allows an attacker to craft a download site name that, when loaded in Internet Explorer with the ActiveX control, could cause the user to...