Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) Unspecified Overflow

2007-04-16T06:33:54
ID OSVDB:34324
Type osvdb
Reporter OSVDB
Modified 2007-04-16T06:33:54

Description

Vulnerability Description

A remote overflow exists in the Download Manager Active X Control. With a specially crafted request, an attacker can execute arbitrary code in the trust relationship between the client and the browser, resulting in a loss of integrity.

Solution Description

Upgrade to version 2.2.1.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in the Download Manager Active X Control. With a specially crafted request, an attacker can execute arbitrary code in the trust relationship between the client and the browser, resulting in a loss of integrity.

References:

Secunia Advisory ID:24900 Related OSVDB ID: 34323 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0259.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0254.html ISS X-Force ID: 33697 FrSIRT Advisory: ADV-2007-1415 CVE-2007-1892 Bugtraq ID: 23522