Unrated severityNVD Advisory· Published Apr 6, 2008· Updated Jun 16, 2026
CVE-2008-1602
CVE-2008-1602
Description
Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:orbit_downloader:orbit_downloader:2.6.3:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:orbit_downloader:orbit_downloader:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:orbit_downloader:orbit_downloader:2.6.4:*:*:*:*:*:*:*
- (no CPE)range: 2.6.3, 2.6.4
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/28541nvdPatch
- www.coresecurity.comnvdExploitPatch
- secunia.com/advisories/29669nvdVendor Advisory
- securityreason.com/securityalert/3798nvd
- www.securityfocus.com/archive/1/490458/100/0/threadednvd
- www.vupen.com/english/advisories/2008/1101nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41649nvd
News mentions
0No linked articles in our index yet.