Akamai Download Manager ActiveX Control < Buffer Overflow

High Nessus Plugin ID 40363


The remote Windows host has an ActiveX control that is prone to a buffer overflow attack.


The remote Windows host contains the Download Manager ActiveX control from Akamai, which helps users download content.

The version of this ActiveX control on the remote host is reportedly affected by a buffer overflow vulnerability in 'manager.exe' when handling Redswoosh downloads. If an attacker can trick a user on the affected host into visiting a specially crafted web page, the attacker may be able to execute arbitrary code on the affected system, subject to the user's privileges.


Manually remove all older versions and, if desired, install version or later.



Plugin Details

Severity: High

ID: 40363

File Name: akamai_dlm_activex_2_2_4_8.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2009/07/24

Modified: 2017/08/14

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/07/22

Vulnerability Publication Date: 2009/07/22

Reference Information

CVE: CVE-2009-2582

BID: 35778

OSVDB: 56247

Secunia: 35951

CWE: 119