| ID |
CVE-2007-1891
|
| Summary |
Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 9.3 (as of 16-10-2018 - 16:41) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 23522 | | bugtraq | 20070416 Akamai Technologies Security Advisory 2007-0001 | | cert-vn | VU#120241 | | idefense | 20070416 Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability | | osvdb | 34323 | | sectrack | 1017925 | | secunia | 24900 | | vupen | ADV-2007-1415 |
|
| Last major update |
16-10-2018 - 16:41 |
| Published |
18-04-2007 - 03:19 |
| Last modified |
16-10-2018 - 16:41 |
