In association with heise online

« previous | next »
6 June 2008, 11:40

Akamai Download Manager accepts malicious code

Akamai, the load-balancing service provider, says there is a vulnerable ActiveX control in its Download Manager that allows an attacker to take control of a Windows computer. A security advisory from the discoverer of the vulnerability gives more information about the cause. When an attacker's page is visited, parameter injection can be used to upload arbitary files to the visitor's computer and save them anywhere – in the Startup folder for example.

Users may inadvertently arrive at a crafted page by clicking a link in an E-mail or on a web site. While visiting a manipulated page, they can then inadvertently be passed on to a harmful site.

All versions of the Download Manager up to and including 2.2.3.5 are affected. The vulnerability is eliminated in version 2.2.3.7. Akamai says the ActiveX control can be updated on its update page.

See also:

(mba)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-735401

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Diablo 3 (deutsch)
  9. Palit GeForce GTX 670
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit