CVE-2010-0999

Published May 17, 2010

Last updated 6 years ago

CVSS info 7.1

Overview

Description: Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
Source: PSIRT-CNA@flexerasoftware.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:C/A:N

Weaknesses

nvd@nist.gov: CWE-22

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F296836A-9B1E-4AC5-BCC4-CD85BB3C7CAC",
            "versionEndIncluding": "3.0.851"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44845571-0E55-4DE5-B7A4-ED378CFC0E30"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A1DC661-B3C9-4E1E-BF85-B002454068AD"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:2.5.700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAC90ADA-453E-42F5-8812-46B0F46E8AD1"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:2.5.704:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD1FF496-02D6-4EDC-AAC5-62D761FFAC3A"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:2.5.724:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AF49E62-4732-42E0-9F71-BCD0F2D06DB5"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:3.0.843:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06C04B6B-5BE6-4EB4-9A2D-D07F160B717D"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:3.0.848:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D0029A9-61CD-4E75-B964-7585B0D34F3F"
          },
          {
            "criteria": "cpe:2.3:a:freedownloadmanager:free_download_manager:3.0.850:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE441E1D-BB14-4E69-8772-D821AC73588F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References