CVE-2010-0999

Free Download Manager <3.0.852 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/58627
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2010-67/
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7284
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40152
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511284/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/64670

Scores

EPSS 0.0173
EPSS Percentile 74.9%

Details

CWE
CWE-22
Status published
Products (9)
freedownloadmanager/free_download_manager 2
freedownloadmanager/free_download_manager 2.1
freedownloadmanager/free_download_manager 2.5.700
freedownloadmanager/free_download_manager 2.5.704
freedownloadmanager/free_download_manager 2.5.724
freedownloadmanager/free_download_manager 3.0.843
freedownloadmanager/free_download_manager 3.0.848
freedownloadmanager/free_download_manager 3.0.850
freedownloadmanager/free_download_manager < 3.0.851
Published May 17, 2010
Tracked Since Feb 18, 2026