Detections
Analytics
Adobe Download Manager Arbitrary File Download (APSB10-08)
critical Nessus Plugin ID 44939
Language:
Synopsis
The remote Windows host has a download manager installed that is prone to an arbitrary file download vulnerability.Description
The remote Windows host has a version of Adobe Download Manager earlier than 1.6.2.63 installed. Such versions are potentially affected by a vulnerability that allows an attacker to download and install unauthorized software onto a user's system.Solution
Either upgrade to Adobe Download Manager version 1.6.2.63 or uninstall the application.See Also
https://www.adobe.com/support/security/bulletins/apsb10-08.html
http://blogs.adobe.com/psirt/2010/02/security_update_released_for_t.html/
https://www.securityfocus.com/archive/1/509720/30/0/threaded
Plugin Details
Severity: Critical
ID: 44939
File Name: adobe_download_manager_apsb10-08.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows
Published: 3/1/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:adobe:download_manager
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Patch Publication Date: 2/23/2010
Vulnerability Publication Date: 2/18/2010
Reference Information
CVE: CVE-2010-0189
BID: 38313