High severity8.4NVD Advisory· Published Apr 29, 2026· Updated Apr 30, 2026

CVE-2018-25304

Description

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites the SEH chain and executes arbitrary code.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

filehippo.com/download_free_download_manager/925/nvd
www.exploit-db.com/exploits/44499nvd
www.vulncheck.com/advisories/free-download-manager-built-417-local-buffer-overflow-sehnvd

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000