CVE-2019-25478
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make it unavailable.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Getgosoft | GetGo Download Manager | 6.2.2.3300 | affected |
Weaknesses
- CWE-787: Out-of-bounds Write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
- https://www.exploit-db.com/exploits/47282
- http://www.getgosoft.com/getgodm/
- https://www.vulncheck.com/advisories/getgo-download-manager-buffer-overflow-dos
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.