CVE Vulnerability

CVE-2007-1891

Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514 Patch Vendor Advisory
http://www.securityfocus.com/bid/23522
http://www.kb.cert.org/vuls/id/120241 US Government Resource
http://www.securitytracker.com/id?1017925
http://secunia.com/advisories/24900
http://www.osvdb.org/34323
http://www.vupen.com/english/advisories/2007/1415
http://www.securityfocus.com/archive/1/465908/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:akamai_technologies:download_manager:2.2.0.0:*:*:*:*:*:*:*
Information

Published : 2007-04-18 03:19

Updated : 2018-10-16 04:41

NVD link : CVE-2007-1891

Mitre link : CVE-2007-1891

Products Affected
No products.
CWE
NVD-CWE-Other