Lucene search
RootSSV:4835HistoryFeb 26, 2009 - 12:00 a.m.
Orbit Downloader Connecting日志消息栈溢出漏洞
2009-02-2600:00:00
Root
www.seebug.org
9
0.966 High
EPSS
Percentile
99.5%
BUGTRAQ ID: 33894
CVE(CAN) ID: CVE-2009-0187
Orbit Downloader是用于从视频共享网站下载流媒体的下载管理器。
Orbit Downloader在对HTTP下载生成Connecting日志消息时存在栈溢出漏洞,如果用户受骗连接到了恶意的HTTP服务器进行下载或打开了包含有超长主机名的特制HTTP URL的话,就可能触发这个溢出,导致执行任意代码。
OrbitDownloader.com Orbit Downloader 2.8.3
OrbitDownloader.com Orbit Downloader 2.8.2
厂商补丁:
OrbitDownloader.com
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.orbitdownloader.com/download.htm” target=“_blank”>http://www.orbitdownloader.com/download.htm</a>
Related
packetstorm
packetstorm
Orbit Downloader Connecting Log Creation Buffer Overflow
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Orbit Downloader Long URL Stack Buffer Overflow (CVE-2009-0187)
2010-01-06 00:00:00
Orbit Downloader Long URL Stack Buffer Overflow - Ver2 (CVE-2009-0187)
2014-01-07 00:00:00
Orbit Downloader URL Parameter Buffer Overflow - Ver2 (CVE-2009-0187)
2014-02-03 00:00:00
saint
saint
Orbit Downloader Connecting log message buffer overflow
2009-03-04 00:00:00
Orbit Downloader Connecting log message buffer overflow
2009-03-04 00:00:00
Orbit Downloader Connecting log message buffer overflow
2009-03-04 00:00:00
cve
cve
CVE-2009-0187
2009-02-26 16:17:00
prion
prion
Stack overflow
2009-02-26 16:17:00
cvelist
cvelist
CVE-2009-0187
2009-02-26 16:00:00
securityvulns
securityvulns
Secunia Research: Orbit Downloader Long URL Parsing Buffer Overflow
2009-02-26 00:00:00
Orbit Downloader buffer overflow
2009-02-26 00:00:00
openvas
openvas
Ubuntu USN-723-1 (git-core)
2009-06-05 00:00:00