NOS getPlus Downloader Domain Validation Arbitrary File Download Vulnerability

NOS getPlus Downloader is prone to a vulnerability that can allow attackers to download and execute arbitrary files.

Attackers can exploit this issue by enticing a vulnerable user to visit a malicious webpage. Successful exploits will allow malicious files to be downloaded and run with the privileges of the current user.

NOTE: This BID was originally titled "Adobe Download Manager Unspecified Arbitrary File Download Vulnerability". Adobe Download Manager is based on the NOS getPlus Downloader.

The following are vulnerable:

NOS getPlus Downloader 1.5.2.35
Adobe Download Manager prior to 1.6.2.63

Other versions or products based on getPlus Downloader may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus