CVE-2010-0189 in getPlus Download Manager
Summary
by MITRE
A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.
Analysis
by VulDB Data Team • 05/01/2026
CVE-2010-0189 resides in the ActiveX control component of NOS Microsystems getPlus Download Manager version 1.5.2.35, which was integrated into Adobe Download Manager. The flaw is a classic case of improper input validation, located in the domain validation applied to web-based downloads. The ActiveX control fails to properly validate domain requests, particularly those involving sites that do not reside within subdomains of the expected target. This oversight lets malicious actors exploit the download manager's trust model by crafting deceptive download site names that bypass the normal security checks.
Exploitation works through a domain validation bypass that lets attackers manipulate the ActiveX control's behavior. When a user encounters a malicious download request, the control's flawed validation logic permits downloads from non-subdomain sites, circumventing the security boundaries that should prevent arbitrary program installations. The weakness stems from insufficient domain verification that fails to distinguish between legitimate and malicious domains, so attackers can force the installation of unwanted software. The vulnerability operates at the application layer, in the download management functionality and trust validation processes of the ActiveX component.
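The class of check discussed above, as an added example that is not code from getPlus, Adobe or this entry: a host allowlist that matches a bare string suffix next to one that matches on DNS label boundaries. The suffix-match failure mode is an assumption chosen to illustrate the bug class, since the entry does not document the control's actual logic; `TRUSTED_ZONE`, the function names and the sample URLs are all hypothetical.

```python
from urllib.parse import urlsplit

# Hypothetical trusted zone for illustration; not a value from the advisory.
TRUSTED_ZONE = "downloads.example"

def naive_is_trusted(url):
    """Weak check (assumed failure mode): bare suffix match on the host."""
    host = urlsplit(url).hostname or ""
    return host.endswith(TRUSTED_ZONE)

def strict_is_trusted(url):
    """Hardened check: https, no userinfo, exact zone or a true subdomain."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")      # drop root-label dot
        host = host.encode("idna").decode("ascii").lower()
    except ValueError:                                  # includes UnicodeError
        return False
    if parts.scheme != "https" or parts.username or parts.password:
        return False
    # The leading dot forces the match to start on a DNS label boundary.
    return host == TRUSTED_ZONE or host.endswith("." + TRUSTED_ZONE)

# Constructed sample download URLs (not observed traffic).
SAMPLES = [
    "https://downloads.example/setup.exe",
    "https://cdn.downloads.example/setup.exe",
    "https://evil-downloads.example/setup.exe",
    "https://downloads.example.other.test/setup.exe",
    "http://cdn.downloads.example/setup.exe",
]

def disagreements(urls):
    """URLs the weak check accepts but the hardened check rejects."""
    return [u for u in urls if naive_is_trusted(u) and not strict_is_trusted(u)]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{u:48} naive={naive_is_trusted(u)!s:5} "
              f"strict={strict_is_trusted(u)}")
```

Running `disagreements` over a list of configured or logged download sources is a quick way to find entries that only pass because of a loose match.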
The operational impact extends beyond simple unauthorized downloads, because attackers can execute arbitrary code on vulnerable systems through the download manager's installation mechanisms. This is a significant escalation from typical web-based attacks, as the compromised download manager becomes a vector for full system compromise. The threat landscape surrounding this vulnerability aligns with attack patterns documented in the attack mitigation framework, where malicious actors leverage trusted application components to bypass traditional security controls. The implications include potential system infections, data theft, and the establishment of persistent backdoors through the forced installation of malicious software packages.
Mitigation of CVE-2010-0189 requires immediate removal of the vulnerable ActiveX control from affected systems, as the vulnerability cannot be patched due to the control's age and lack of vendor support. Organizations should implement strict ActiveX control policies and disable unnecessary ActiveX components to reduce attack surface. Remediation involves comprehensive system auditing to identify all instances of the vulnerable getPlus Download Manager, followed by complete uninstallation of the software. Security teams should also consider network-level controls that restrict access to known malicious domains, and should establish monitoring for suspicious download activities. This vulnerability demonstrates the critical importance of proper input validation and domain verification, as outlined in CWE categories related to improper validation of domain names and trust boundary violations. The associated attack patterns align with techniques described in the attack mitigation framework, particularly component-based exploitation and trust model bypasses that have been documented in various cybersecurity threat intelligence reports.