cpe:/a:orbit_downloader:orbit_downloader:2.6.3 cpe:/a:orbit_downloader:orbit_downloader:2.6.4 CVE-2008-1602 2008-04-06T19:44:00.000-04:00 2017-08-07T21:30:17.087-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-04-07T10:44:00.000-04:00 BUGTRAQ 20080403 CORE-2008-0314 - Orbit Downloader "Download failed" buffer overflow BID 28541 SECUNIA 29669 SREASON 3798 VUPEN ADV-2008-1101 MISC http://www.coresecurity.com/?action=item&id=2211 XF orbitdownloader-url-bo(41649) Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed.