Vulnerabilities > Orbitdownloader

DATE	CVE	VULNERABILITY TITLE	RISK
2010-05-27	CVE-2010-2104	Path Traversal vulnerability in Orbitdownloader Orbit Downloader 3.0.0.4/3.0.0.5 Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remote attackers to write arbitrary files via a metalink file containing directory traversal sequences in the name attribute of a file element. network orbitdownloader CWE-22	4.3
2009-03-26	CVE-2009-1064	Code Injection vulnerability in multiple products Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method. network orbit-downloader orbitdownloader CWE-94	5.8
2009-02-26	CVE-2009-0187	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Orbitdownloader Orbit Downloader 2.8.2/2.8.3/2.8.4 Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message. network orbitdownloader CWE-119 critical	9.3

Vulnerabilities > Orbitdownloader {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Orbitdownloader"}]}