Computer Security

Akamai Download Manager ActiveX code execution
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Akamai Download Manager ActiveX code execution
updated since 01.05.2008
Published:05.06.2008
Source:BUGTRAQ
SecurityVulns ID:8962
Type:client
Level:6/10
Description:Undocumented properties allow code download and execute.
Affected:AKAMAI : Akamai Download Manager 2.2
CVE:CVE-2008-1770 (CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.)
Original documentdocumentcocoruder, Akamai Download Manager File Downloaded To Arbitrary Location Vulnerability (05.06.2008)
 documentAKAMAI, Akamai Technologies Security Advisory 2008-0001 (Download Manager) (05.06.2008)
 documentIDEFENSE, iDefense Security Advisory 04.30.08: Akamai Download Manager Arbitrary Program Execution Vulnerability (01.05.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server