Vulnerabilities > CVE-2007-1892 - Buffer Overflow vulnerability in Akamai Technologies Download Manager 2.2.0.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows |
| NASL id | AKAMAI_DLM_ACTIVEX_2210.NASL |
| description | The Windows remote host contains the Download Manager ActiveX control from Akamai, which helps users download content. The version of this ActiveX control on the remote host reportedly contains two stack-based buffer overflow vulnerabilities. A remote attacker may be able to leverage these issues to execute arbitrary code on the remote host subject to the privileges of the current user. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25038 |
| published | 2007-04-17 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25038 |
| title | Akamai Download Manager ActiveX Control < 2.2.1.0 Multiple Vulnerabilities |
Seebug
| bulletinFamily | exploit |
| description | Akamai Download Manager是一款帮助用户快速方便下载的客户端软件。 Akamai Download Manager包含的控件存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 受漏洞影响控件如下: Class: DownloadManager Control CLSID: 2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B ProgId: MANAGER.DLMCtrl.1. File: C:\Windows\Downloaded Program Files\DownloadManagerV2.ocx 问题是由于不正确使用GetPrivateProfileSectionW函数,nSize参数不正确传递给可用总字节数超过可用宽字符数,可导致可利用的基于堆栈的缓冲区溢出。 CVE-2007-1892目前没有详细漏洞细节提供。 Akamai Download Manager 2.2.0.0 Akamai Akamai Download Manager 2.2.0.0 * Akamai Akamai Download Manager 2.2.1.0 <a href="http://dlm.tools.akamai.com/tools/upgrade.html" target="_blank">http://dlm.tools.akamai.com/tools/upgrade.html</a> |
| id | SSV:1640 |
| last seen | 2017-11-19 |
| modified | 2007-04-18 |
| published | 2007-04-18 |
| reporter | Root |
| title | Akamai Download Manager ActiveX控件缓冲区溢出漏洞 |