9 lines
No EOL
793 B
Text
9 lines
No EOL
793 B
Text
source: https://www.securityfocus.com/bid/2615/info
|
|
|
|
Netscape SmartDownload, a download manager add-on for popular web browsers, is vulnerable to a buffer overflow. The library 'sdph20.dll' used by SmartDownload contains an URL parser function that will overflow when a user visits or is redirected to an URL longer than 271 characters.
|
|
|
|
This overflow, if successfully exploited, allows execution of arbitrary code by an attacker with the privilege level of the currently logged-in user. Under Windows 95/98/Me, this means administrative privileges.
|
|
|
|
Hosts with SmartDownload installed are vulnerable regardless of whether SmartDownload is enabled. Exploit code is available for this vulnerability.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20775.tar.gz |