History: Jun 04, 2008 - 12:00 a.m.

KLA10054 ACE vulnerability in Akamai Download Manager

2008-06-04 00:00:00
Kaspersky Lab
threats.kaspersky.com

CVSS2: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

  • Attack Vector: NETWORK
  • Attack Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

AI Score: 7.8 (Confidence: Low)

EPSS: 0.16 (Percentile: 96.0%)

A CRLF injection vulnerability was found in Akamai Download Manager. By exploiting this vulnerability, a malicious user can execute arbitrary code. The vulnerability can be exploited remotely, at an unspecified point, via a specially crafted URL.

Original advisories

vulnerability description

Exploitation

Public exploits exist for this vulnerability.

Related products

Akamai-Download-Manager-ActiveX-Control

CVE list

CVE-2008-1770 critical

Solution

Update to the latest version.

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow a malicious user to execute any code or commands on the vulnerable machine or in the vulnerable process.

Affected Products

  • Akamai Download Manager 2 versions 2.2.3.5 and earlier
