vendor:
Internet Download Manager
by:
Mohammad Reza Espargham
7.5
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: Internet Download Manager
Affected Version From: All Version
Affected Version To: All Version
Patch Exists: NO
Related CWE: CVE2014-6332
CPE: a:internetdownloadmanager:internet_download_manager
Platforms Tested: Windows 7, Server 2008
2014
Internet Download Manager – OLE Automation Array Remote Code Execution
This exploit allows remote code execution in Internet Download Manager through OLE Automation Array. It affects all versions of IDM and has been tested on Windows 7 and Server 2008.
Mitigation:
To mitigate this vulnerability, users should update to the latest version of Internet Download Manager and apply all security patches.