Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2007-1891 to a friend New vulnerability? New tool? Tell us	CVE-2007-1891 Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability     Credit: The information has been provided by iDefense by McSlibin. The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514 Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2007-1891 Details Check for CVE-2007-1891 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Akamai Technologies Inc's DownloadManagerV2.ocx version 2.2.0.5 The ActiveX control in question has the following identifiers:   Class: DownloadManager Control   CLSID: 2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B   ProgId: MANAGER.DLMCtrl.1.   File: C:\Windows\Downloaded Program Files\DownloadManagerV2.ocx The vulnerability specifically exists due to incorrect use of the GetPrivateProfileSectionW function. The nSize parameter is incorrectly passed the total number of bytes available, rather than the number of wide characters available. This leads to an exploitable stack-based buffer overflow. Analysis: Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code within the context of the targeted user. In order to exploit this vulnerability, an attacker would need to persuade the victim into viewing a malicious web site. This is usually accomplished by getting the victim into clicking a link in a form of electronic communication such as e-mail or instant messaging. Additionally, the victim must either accept and install, or already have the download manager control on their system. Workaround: Setting the kill-bit for this control will prevent it from being loaded within Internet Explorer. However, doing so will prevent legitimate use of the control. Vendor response: "Affected users can upgrade to the latest version of Akamai Download Manager by visiting the following web page: http://dlm.tools.akamai.com/tools/upgrade.html Visiting that page or any other Download Manager enabled page will prompt the user to install the latest version of the software automatically. Akamai has successfully coordinated with each of our enterprise customers to ensure that all are distributing the patched patched version." CVE Information: CVE-2007-1891 Disclosure Timeline: 04/03/2007 - Initial vendor notification 04/03/2007 - Initial vendor response 04/16/2007 - Coordinated public disclosure  Comments on CVE-2007-1891:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®