GetGo Download Manager buffer overflow vulnerability

by George Chetcuti [Published on 24 March 2014 / Last Updated on 24 March 2014]

Julien Ahrens (aka MrTuxracer) publishes root-cause analysis of GetGo Download Manager http response header buffer overflow remote code execution.

All available versions of the GetGo Download Manager are vulnerable to a remote code execution exploit. Mr Tuxracer of rcesecurity.com advices users running this software to immediately switch to a more secure download manager because the GetGo project is dead, but still high-rated by cnet.com.

GetGo Download Manager is a free Internet Download Manager designed for the new generation of media content. It can easily download videos, music, and other content from YouTube, Facebook, Google Video, MetaCafe, DailyMotion, iFilm/Spike, Vimeo, MegaVideo, Break.com and any websites with embedded FLV flash videos.

Read the security advisory here - http://www.rcesecurity.com/2014/03/cve-2014-2206-getgo-download-manager-http-response-header-buffer-overflow-remote-code-execution/

Add Review or Comment

Featured Links