CVE-2010-0189: CVE-2010-0189

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-0189

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Nos_Microsystems getPlus下载管理器域验证任意文件下载漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

getPlus下载管理器是用于通过浏览器下载、安装和升级其他软件的管理工具。在Adobe Download Manager中使用的NOS Microsystems getPlus Download Manager（DLM或Downloader）1.5.2.35版本中的某个ActiveX控件没有正确地验证用于下载和执行应用程序所在的域，有漏洞的代码假设所验证的域是一个子域，在对比有效域和所请求域时可能或导致逻辑错误。远程攻击者可借助下载站点的特制名称强制任意程序的下载和安装。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-0189

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-0189

Please Login to view more intelligence information

http://blogs.zdnet.com/security/?p=5505x_refsource_MISC
http://www.akitasecurity.nl/advisory.php?id=AK20090401x_refsource_MISC
http://www.adobe.com/support/security/bulletins/apsb10-08.htmlx_refsource_CONFIRM
http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.htmlx_refsource_MISC
http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspxx_refsource_MISC
http://www.securityfocus.com/bid/38313vdb-entryx_refsource_BID
http://secunia.com/advisories/38729third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/62547vdb-entryx_refsource_OSVDB
http://securitytracker.com/id?1023651vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2010/0459vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7182vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/56370vdb-entryx_refsource_XF
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856third-party-advisoryx_refsource_IDEFENSE
https://nvd.nist.gov/vuln/detail/CVE-2010-0189

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-0189

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2010-0189

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-0189

III. Intelligence Information for CVE-2010-0189

IV. Related Vulnerabilities

V. Comments for CVE-2010-0189

Leave a comment