3 matches found
CVE-2009-2564
CVE-2009-2564 describes a local privilege escalation in the NOS getPlus/GetPlus Download Manager used with Adobe Reader (and possibly Corel GetPlus). The core issue is that getPlus_HelperSvc.exe is installed with insecure permissions (Everyone: Full Control), which allows a local user to replace ...
CVE-2008-5364
CVE-2008-5364 refers to a stack-based buffer overflow in the getPlus ActiveX control (gp.ocx 1.2.2.50) used by NOS Microsystems getPlus Download Manager, which is used during the Adobe Reader 8.1 installation process and other downloads. The overflow could allow remote code execution via unspecif...
CVE-2010-0189
The CVE-2010-0189 issue targets Adobe Download Manager’s getPlus ActiveX control (NOS Microsystems) version 1.5.2.35, where insufficient domain-name validation allows an attacker to craft a download site name that, when loaded in Internet Explorer with the ActiveX control, could cause the user to...