EDonkey 2000 URI Handler Buffer Overflow Vulnerability

The eDonkey 2000 Windows client includes a handler for a custom URI, ed2k://. This URI handler allows for files to be retrieved from the network using MSIE or other tools which support it. It has been reported that the handler for eDonkey 2000 is vulnerable to a buffer overflow condition when parsing maliciously constructed URIs. This may be exploited to crash the user's browser or execute arbitrary code on the victim client.


 

Privacy Statement
Copyright 2010, SecurityFocus