Moderate

CVE-2007-6339 - Code Injection vulnerability in Akamai Technologies Download Manager

Publication: 2008-05-01
Summary

The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters."

Classification
CWE-94: Code Injection

Risk level (CVSS 6.8)

Moderate

6.8

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Akamai Technologies Download Manager 2.2.0.0
  • Akamai Technologies Download Manager 2.2.1.0