Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-25304

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-29 Apr, 2026 | 19:24
Updated At-30 Apr, 2026 | 12:40
Rejected At-
Credits

Free Download Manager 2.0 Built 417 Local Buffer Overflow SEH

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites the SEH chain and executes arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:29 Apr, 2026 | 19:24
Updated At:30 Apr, 2026 | 12:40
Rejected At:
â–¼CVE Numbering Authority (CNA)
Free Download Manager 2.0 Built 417 Local Buffer Overflow SEH

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites the SEH chain and executes arbitrary code.

Affected Products
Vendor
Filehippo
Product
Free Download Manager
Versions
Affected
  • 2.0
Problem Types
TypeCWE IDDescription
CWECWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
4.08.6HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Marwan Shamel
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/44499
exploit
https://filehippo.com/download_free_download_manager/925/
product
https://www.vulncheck.com/advisories/free-download-manager-built-417-local-buffer-overflow-seh
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/44499
Resource:
exploit
Hyperlink: https://filehippo.com/download_free_download_manager/925/
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/free-download-manager-built-417-local-buffer-overflow-seh
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:29 Apr, 2026 | 20:16
Updated At:29 Apr, 2026 | 20:16

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites the SEH chain and executes arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.6HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-120Primarydisclosure@vulncheck.com
CWE ID: CWE-120
Type: Primary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://filehippo.com/download_free_download_manager/925/disclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/44499disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/free-download-manager-built-417-local-buffer-overflow-sehdisclosure@vulncheck.com
N/A
Hyperlink: https://filehippo.com/download_free_download_manager/925/
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/44499
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/free-download-manager-built-417-local-buffer-overflow-seh
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

53Records found
CVE-2024-21464
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.33%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Data Network Stack & Connectivity

Memory corruption while processing IPA statistics, when there are no active clients registered.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-talynplus_firmwarewcn6740_firmwarewcd9395wsa8830fastconnect_7800wcn3950_firmwarewsa8845hqcm4490wcd9370_firmwarewsa8840wcd9390_firmwarefastconnect_6700talynplusqcs4490wcn6740fastconnect_6700_firmwarewcd9370wcd9390snapdragon_8\+_gen_1_mobilewsa8815wsa8832wcd9395_firmwarewsa8845wsa8810fastconnect_6900_firmwareqcm4490_firmwareqcs4490_firmwarewcn3950wsa8845_firmwarefastconnect_6900wsa8832_firmwarewsa8815_firmwarewsa8830_firmwarewsa8845h_firmwarefastconnect_7800_firmwarewsa8835_firmwarewsa8835wsa8840_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_8_gen_3_mobilesnapdragon_8_gen_3_mobile_firmwarewsa8810_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-35928
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.03%
||
7 Day CHG~0.00%
Published-03 Aug, 2022 | 19:25
Updated-23 Apr, 2025 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AES Crypt for Linux Password Security Vulnerability

AES Crypt is a file encryption software for multiple platforms. AES Crypt for Linux built using the source on GitHub and having the version number 3.11 has a vulnerability with respect to reading user-provided passwords and confirmations via command-line prompts. Passwords lengths were not checked before being read. This vulnerability may lead to buffer overruns. This does _not_ affect source code found on aescrypt.com, nor is the vulnerability present when providing a password or a key via the `-p` or `-k` command-line options. The problem was fixed via in commit 68761851b and will be included in release 3.16. Users are advised to upgrade. Users unable to upgrade should us the `-p` or `-k` options to provide a password or key.

Action-Not Available
Vendor-aescryptpaulej
Product-aes_cryptAESCrypt
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2022-33277
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 30.30%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input in modem

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qcn9002qca6438_firmwareqca9986sd680_firmwareipq8070_firmwareipq8065ipq8078a_firmwareqca6678aq_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwareipq8072_firmwareipq4029_firmwareqca6698aqqcs6125sa8155_firmwaresa4155p_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340qcn6132sd765gsw5100sd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gqca1062ipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712sd855_firmwarewcn3988sd660_firmwareqca6438wcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca9898sa8295p_firmwareipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareipq8072aqca9980_firmwaresw5100pipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwareqca6564auwcn6856_firmwareipq9008qcn5164sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwaresdx50m_firmwaresxr1230pqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwareqcn6112wcn3910qca9986_firmwareqca6426_firmwaresd695ipq6028ipq8064qca9984pmp8074qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mipq8064_firmwareqcc5100_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqca6678aqsd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8832sw5100p_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwaresd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675ssg2115p_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sxr2230p_firmwaresa8145p_firmwareqca1062_firmwareqcs2290_firmwaresd7c_firmwarecsrb31024snapdragon_4_gen_1_firmwarecsra6620qca8082qcn9072qca8386qca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwaressg2115pipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn7605wcd9326_firmwareipq8074aqca2065sd662qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310qcn9274ipq8174wcn7851sa515m_firmwareqca9990qcn9001qcn5052qcs6490sdxr2_5gqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811qcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315sa4150psg4150p_firmwareqcm6125_firmwareqcm4325qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gqca6554asd865_5gqca6595ar9380_firmwareqcc5100qcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwaresxr1230p_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwaresc8180xssg2125p_firmwareipq4018qca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8074qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresm7325p_firmwaresd665sxr2230pipq8076sd765qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwareqcn6102qcn9100sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180x_firmwareipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwareqcm6125wsa8810wcn6856qcn5022sd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwaresw5100_firmwareipq4029sd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found