21 matches found
EUVD-2008-5341
Malware in sbrugna...
Adobe Download Manager getPlus ActiveX Control Buffer Overflow (APSB10-02; CVE-2009-3958)
Adobe Download Manager DLM is a small application that is used to deliver Adobe products over the Internet. It contains licensed technology from NOS Microsystems called "getPlus" to support the transfer of information between Adobe.com and a connected user. A stack buffer overflow vulnerability...
getPlus insufficient domain name validation vulnerability
------------------------------------------------------------------------ getPlus insufficient domain name validation vulnerability ------------------------------------------------------------------------ Yorick Koster, April 2009...
KLA10042 Critical vulnerability in Adobe Download Manager
Improper request validation at NOS Microsystems getPlus Download Manager was found in Adobe Download Manager. Malicious users can exploit this vulnerability to bypass security and install arbitrary programs via a specially designed download site name. Original advisories Adobe bulletin Related...
iDefense Security Advisory 02.23.10: Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability
iDefense Security Advisory 02.23.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 23, 2010 I. BACKGROUND The getPlus Downloader is an application download and installation manager, distributed in the form of an ActiveX control. This control is used by Adobe Systems Inc. to install...
CVE-2010-0189
A certain ActiveX control in NOS Microsystems getPlus Download Manager aka DLM or Downloader 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary...
CVE-2010-0189
A certain ActiveX control in NOS Microsystems getPlus Download Manager aka DLM or Downloader 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary...
CVE-2010-0189
The CVE-2010-0189 issue targets Adobe Download Manager’s getPlus ActiveX control (NOS Microsystems) version 1.5.2.35, where insufficient domain-name validation allows an attacker to craft a download site name that, when loaded in Internet Explorer with the ActiveX control, could cause the user to...
Code injection
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...
CVE-2009-2564
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...
CVE-2009-2564
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...
CVE-2009-2564
CVE-2009-2564 describes a local privilege escalation in the NOS getPlus/GetPlus Download Manager used with Adobe Reader (and possibly Corel GetPlus). The core issue is that getPlus_HelperSvc.exe is installed with insecure permissions (Everyone: Full Control), which allows a local user to replace ...
Adobe Privilege Escalation
Adobe related service getPlusHelperSvc.exe local elevation of privileges by Nine:Situations:Group site: http://retrogod.altervista.org/ description: Adobe downloader used to download updates for Adobe applications. Shipped with Acrobat Reader 9.x vendor: Nos Microsystems poc: C:\sc qc "getPlusR...
Adobe 9.x Related Service - 'getPlus_HelperSvc.exe' Local Privilege Escalation
Adobe related service getPlusHelperSvc.exe local elevation of privileges by Nine:Situations:Group site: http://retrogod.altervista.org/ description: Adobe downloader used to download updates for Adobe applications. Shipped with Acrobat Reader 9.x vendor: Nos Microsystems poc: C:\sc qc "getPlusR...
Adobe 9.x Related Service - getPlus_HelperSvc.exe Local Privilege Escalation
Adobe 9.x Related Service - getPlusHelperSvc.exe Local Privilege Escalation Adobe related service getPlusHelperSvc.exe local elevation of privileges by Nine:Situations:Group site: http://retrogod.altervista.org/ description: Adobe downloader used to download updates for Adobe applications. Shippe...
Adobe related service (getPlus_HelperSvc.exe) Local Privilege Escalation
Exploit for unknown platform in category local exploits ======================================================================== Adobe related service getPlusHelperSvc.exe Local Privilege Escalation ======================================================================== Adobe related service...
Adobe related service (getPlus_HelperSvc.exe) Local Privilege Escalation
No description provided by source. Adobe related service getPlusHelperSvc.exe local elevation of privileges by Nine:Situations:Group site: http://retrogod.altervista.org/ description: Adobe downloader used to download updates for Adobe applications. Shipped with Acrobat Reader 9.x vendor: Nos...
Stack overflow
Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than...
CVE-2008-5364
Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than...
iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
iDefense Security Advisory 11.04.08 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 04, 2008 I. BACKGROUND The getPlus Download Manager is a software management tool. It is used to download, install, and update other software through the browser. The getPlus Download Manager consists o...