CVEs-PoC/2014/CVE-2014-2206.md

### [CVE-2014-2206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2206)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.

### POC

#### Reference
- http://www.rcesecurity.com/2014/03/cve-2014-2206-getgo-download-manager-http-response-header-buffer-overflow-remote-code-execution

#### Github
- https://github.com/JellyMeyster/vfeedWarp
- https://github.com/JellyToons/vfeedWarp
- https://github.com/MrTuxracer/advisories