Title : Akamai Download Manager Arbitrary File Download Vulnerability VUPEN ID : VUPEN/ADV-2008-1746 CVE ID : CVE-2008-1770 CWE ID : CWE-618 - CWE-623
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-06-05
Technical Description
A vulnerability has been identified in Akamai Download Manager, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by a design error in the embedded ActiveX control that does not restrict access to the "URL" property, which could be exploited by attackers to download and execute arbitrary files on a vulnerable system by tricking a user into visiting a specially crafted web page.
