CRLF Injection Vulnerability in Akamai Download Manager ActiveX Control
CVE-2008-1770

Currently unrated

Key Information:

Vendor: Akamai
Status: Download Manager
Vendor: CVE Published:; 4 June 2008

What is CVE-2008-1770?

A vulnerability exists in the Akamai Download Manager ActiveX control that allows remote attackers to craft a URL containing an encoded line feed (LF). If successfully exploited, this can lead to the download and execution of arbitrary files, posing significant security risks for users. Versions prior to 2.2.3.6 are particularly vulnerable, emphasizing the need for timely updates and security practices.

References

https://www.exploit-db.com/exploits/5741

exploitx_refsource_EXPLOIT-DB

http://www.securitytracker.com/id?1020194

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/493077/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
Apr 12, 2008