CVE-2007-1891
published 2007-04-18CVE-2007-1891: Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
6.77%
93.2th percentile
Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| akamai_technologies | download_manager | <= 2.2.4.3 | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mmg7-q8j9-f8wj: Stack-based buffer overflow in manager
ghsa_unreviewed·2022-05-02·CVSS 9.3
CVE-2009-2582 [CRITICAL] CWE-119 GHSA-mmg7-q8j9-f8wj: Stack-based buffer overflow in manager
Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892.
GHSA
GHSA-6j77-pv9h-rxpf: Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-1892 [CRITICAL] GHSA-6j77-pv9h-rxpf: Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.
GHSA
GHSA-frf9-9643-85j4: Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
ghsa_unreviewed·2022-05-01
CVE-2007-1891 [HIGH] GHSA-frf9-9643-85j4: Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514http://secunia.com/advisories/24900http://www.kb.cert.org/vuls/id/120241http://www.osvdb.org/34323http://www.securityfocus.com/archive/1/465908/100/0/threadedhttp://www.securityfocus.com/bid/23522http://www.securitytracker.com/id?1017925http://www.vupen.com/english/advisories/2007/1415http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514http://secunia.com/advisories/24900http://www.kb.cert.org/vuls/id/120241http://www.osvdb.org/34323http://www.securityfocus.com/archive/1/465908/100/0/threadedhttp://www.securityfocus.com/bid/23522http://www.securitytracker.com/id?1017925http://www.vupen.com/english/advisories/2007/1415
2007-04-18
Published