CVE-2010-0999

Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:C/A:N
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
VendorProductVersion
freedownloadmanagerfree_download_manager
𝑥
≤ 3.0.851
freedownloadmanagerfree_download_manager
2.1
freedownloadmanagerfree_download_manager
2.5.700
freedownloadmanagerfree_download_manager
2.5.704
freedownloadmanagerfree_download_manager
2.5.724
freedownloadmanagerfree_download_manager
3.0.843
freedownloadmanagerfree_download_manager
3.0.848
freedownloadmanagerfree_download_manager
3.0.850
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/64670
http://secunia.com/secunia_research/2010-67/
http://www.securityfocus.com/archive/1/511284/100/0/threaded
http://www.securityfocus.com/bid/40152
https://exchange.xforce.ibmcloud.com/vulnerabilities/58627
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7284
http://osvdb.org/64670
http://secunia.com/secunia_research/2010-67/
http://www.securityfocus.com/archive/1/511284/100/0/threaded
http://www.securityfocus.com/bid/40152
https://exchange.xforce.ibmcloud.com/vulnerabilities/58627
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7284