Skip to main content

Adobe Download Manager File Download and Execute Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 26 Feb 2010 5467 Views

RISK: Medium Risk

A vulnerability has been identified in Adobe Download Manager, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an error when processing URLs, which could be exploited by attackers to download and install unauthorized software onto a vulnerable system by tricking a user into following a specially crafted link or visiting a malicious web page.

Note : The Adobe Download Manager is automatically installed when downloading Adobe Reader for Windows or Adobe Flash Player for Windows from Adobe's website, however, it is designed to remove itself from the computer after use at the next computer restart.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Download Manager on Windows (prior to February 23, 2010)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Restart the system or manually uninstall Adobe Download Manager :
http://www.adobe.com/support/security/bulletins/apsb10-08.html


Vulnerability Identifier


Source