Vulnerabilities > CVE-2020-23060 - Out-of-bounds Write vulnerability in Tonec Internet Download Manager 6.37.11.1

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

tonec

CWE-787

NVD

Published: 2021-10-22

Updated: 2024-11-21

Summary

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file.

Vulnerable Configurations

Part	Description	Count
Application	Tonec Tonec Internet Download Manager 6.37.11.1	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://cwe.mitre.org/data/definitions/121.html
https://cwe.mitre.org/data/definitions/121.html
https://www.vulnerability-lab.com/get_content.php?id=2236
https://www.vulnerability-lab.com/get_content.php?id=2236