Stack-Based Buffer Overflow in Akamai Technologies Download Manager ActiveX Control
CVE-2007-1891

Currently unrated

Key Information:

Vendor: Akamai Technologies
Status: Download Manager
Vendor: CVE Published:; 18 April 2007

🔔 Create Akamai Technologies Vulnerability Alert

What is CVE-2007-1891?

A vulnerability exists within the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control, leading to a stack-based buffer overflow. This flaw arises from a misinterpretation of the nSize parameter, treating it as a byte count rather than as a wide character count. This can allow remote attackers to execute arbitrary code on affected systems, potentially compromising security. Affected versions include those between 2.0.4.4 and 2.2.1.0.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://www.osvdb.org/34323

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/archive/1/465908/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

17% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 18, 2007
Vulnerability Reserved
Apr 6, 2007