download_manager 缓冲区溢出代码执行漏洞

2023-12-13 20:07:18 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

CVE编号

CVE-2006-5856

利用情况

暂无

补丁情况

N/A

披露时间

2006-12-07

<span style="text-decoration-line: underline;"></span>2.2之前的Adobe Download Manager中基于堆栈的缓冲区溢出允许远程攻击者通过dm.ini文件中的长节名称执行任意代码，该文件通过AOM文件填充。<br>

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html
http://research.eeye.com/html/advisories/published/AD20061205.html
http://secunia.com/advisories/23233
http://securitytracker.com/id?1017340
http://www.adobe.com/support/security/bulletins/apsb06-19.html
http://www.kb.cert.org/vuls/id/448569
http://www.securityfocus.com/archive/1/453636/100/0/threaded
http://www.securityfocus.com/archive/1/453755/100/0/threaded
http://www.securityfocus.com/bid/21453
http://www.vupen.com/english/advisories/2006/4867
http://www.zerodayinitiative.com/advisories/ZDI-06-044/
https://exchange.xforce.ibmcloud.com/vulnerabilities/30742