Unrated severityNVD Advisory· Published Feb 26, 2009· Updated Jun 16, 2026
CVE-2009-0187
CVE-2009-0187
Description
Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:orbitdownloader:orbit_downloader:2.8.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:orbitdownloader:orbit_downloader:2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:orbitdownloader:orbit_downloader:2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:orbitdownloader:orbit_downloader:2.8.4:*:*:*:*:*:*:*
- (no CPE)range: <2.8.5
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/33894nvdPatch
- www.vupen.com/english/advisories/2009/0521nvdPatchVendor Advisory
- secunia.com/advisories/33843nvdVendor Advisory
- secunia.com/secunia_research/2009-9/nvdVendor Advisory
- osvdb.org/52294nvd
- www.securityfocus.com/archive/1/501220/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/48932nvd
News mentions
0No linked articles in our index yet.