Description
Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/58627
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2010-67/
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7284
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40152
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511284/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/64670
Scores
EPSS
0.0173
EPSS Percentile
74.9%
Details
CWE
CWE-22
Status
published
Products (9)
freedownloadmanager/free_download_manager
2
freedownloadmanager/free_download_manager
2.1
freedownloadmanager/free_download_manager
2.5.700
freedownloadmanager/free_download_manager
2.5.704
freedownloadmanager/free_download_manager
2.5.724
freedownloadmanager/free_download_manager
3.0.843
freedownloadmanager/free_download_manager
3.0.848
freedownloadmanager/free_download_manager
3.0.850
freedownloadmanager/free_download_manager
< 3.0.851
Published
May 17, 2010
Tracked Since
Feb 18, 2026