Getplus Download Manager
Approved changes feed: RSS · Atom
cpe:2.3:a:corel:getplus_download_manager:1.5.0.48:*:*:*:*:*:*:*
part: a version: 1.5.0.48 update: *
| Vendor | Corel (64fffbe5-3edf-5917-8ab7-f4866db5f4cb) |
|---|---|
| Product | Getplus Download Manager (0754f5e5-cf95-5741-b1ed-530ce521c6c5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-2564 |
vulnerable | 2026-06-03 14:29:41.824319 |
Details available
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
Published: 2009-07-21T17:00:00.000Z
Updated: 2024-08-07T05:52:15.251Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.