Akamai Download Manager ActiveX Control < 2.2.1.0 Multiple Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that is affected by
multiple buffer overflow vulnerabilities.

Description :

The Windows remote host contains the Download Manager ActiveX control
from Akamai, which helps users download content.

The version of this ActiveX control on the remote host reportedly
contains two stack-based buffer overflow vulnerabilities. A remote
attacker may be able to leverage these issues to execute arbitrary
code on the remote host subject to the privileges of the current user.

See also :

http://seclists.org/fulldisclosure/2007/Apr/473
http://www.securityfocus.com/archive/1/465908/30/0/threaded

Solution :

Upgrade to version 2.2.1.0 or later of the control.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25038 (akamai_dlm_activex_2210.nasl)

Bugtraq ID: 23522

CVE ID: CVE-2007-1891
CVE-2007-1892

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now