ReGet Deluxe .wjr file SaveTo attribute buffer overflow

Added: 05/14/2010
BID: 37511

Background

ReGet Deluxe is a download manager for Windows.

Problem

A buffer overflow vulnerability allows command execution when a user opens a .wjr file containing a Download tag with a specially crafted SaveTo attribute.

Resolution

Do not open untrusted .wjr files using ReGet Deluxe.

References

http://www.exploit-db.com/exploits/10664

Limitations

Exploit works on ReGet Deluxe 5.2 build 330 and requires a user to open the exploit file in ReGet Deluxe.

Platforms

Windows XP

Back to exploit index