CVE-2010-0189

CVE Database · CVE-2010-0189

CVE-2010-0189

· N/AModified

CVSS v3.1

N/A

EPSS

5.18%

Published

Feb 23, 2010

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.

Weaknesses (CWE)

CWE-20

Affected Products (2)

nos_microsystems · getplus_download_managervulnerable

adobe · download_managervulnerable

References (20)

http://aviv.raffon.net/2010/02/18/SkeletonsInAdobesSecurityCloset.aspx

http://blogs.adobe.com/psirt/2010/02/adobe_download_manager_issue.html

http://blogs.zdnet.com/security/?p=5505

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=856

http://secunia.com/advisories/38729

Vendor Advisory