Name:
Akamai.Download.Manager.Code.Execution
Released Date:
May 12 2008
Severity:
high
CVE:
2007-6339
Bugtraq:
28993

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a code execution vulnerability in Akamai Download Manager.

The vulnerability is caused by a design error in DownloadManager Control while processing two undocumented object parameters. It allows remote attackers to execute arbitrary code by tricking the victim into visiting a malicious web page.
 
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
 
Affected Products
Akamai Akamai Download Manager 2.2.1.0
Akamai Akamai Download Manager 2.2.0.0
Aliases
References
http://www.securityfocus.com/bid/28993
http://www.frsirt.com/english/advisories/2008/1408
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-6339
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=695
Recommended Actions
Refer to the vendor's web site for the suggested workaround: http://dlm.tools.akamai.com/tools/upgrade.html

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED