Orbit Downloader Long URL Stack Buffer Overflow

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

CVE識別番号: CVE-2009-0187

概要

Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1003317

Trend Micro Deep Security DPI Rule Name: 1003317 - Orbit Downloader Long URL Stack Buffer Overflow

影響を受けるソフトウェア

orbitdownloader orbit_downloader 2.8.2
orbitdownloader orbit_downloader 2.8.3
orbitdownloader orbit_downloader 2.8.4