CVE-2009-3617

描述

Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.

受影響套件(1)

• Debian/aria2from 0, < 1.6.2-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3617