CVSS: 9.3EPSS: 13%CPEs: 4EXPL: 1CVE-2008-1770 – Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download
https://notcve.org/view.php?id=CVE-2008-1770
04 Jun 2008 — CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line. Vulnerabilidad de inyección CRLF en el control ActiveX Akamai Download Manager anteriores a la 2.2.3.6, permite a atacantes remotos forzar la descarga y ejecución de archivos arbitrariamente a través de un parámetro URL que contiene un LF codificado seguido de una... • https://www.exploit-db.com/exploits/5741 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2007-6339
https://notcve.org/view.php?id=CVE-2007-6339
01 May 2008 — The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters." El control ActiveX del Gestor de descargas Akamai (Aka DLM dlmanager) (DownloadManagerV2.ocx) anterior a 2.2.3.5 permite a los atacantes remotos forzar la descarga y ejecución de código arbitrario mediante "parámetros indocumentados de objeto" sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=695 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 0CVE-2007-1891
https://notcve.org/view.php?id=CVE-2007-1891
18 Apr 2007 — Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count. Desbordamiento de búfer basado en pila en la función GetPrivateProfileSectionW del control ActiveX Akamai Technologies Download Manager (DownloadManagerV2.ocx) después de la v... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514 •
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 0CVE-2007-1892
https://notcve.org/view.php?id=CVE-2007-1892
18 Apr 2007 — Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891. Desbordamiento de búfer basado en pila en el control ActiveX Technologies Download Manager (DownloadManagerV2.ocx) anterior a 2.2.1.0 permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, un asunto diferente que CVE-2007-1891. • http://secunia.com/advisories/24900 •
CVSS: 9.8EPSS: 59%CPEs: 1EXPL: 0CVE-2006-5856 – Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5856
06 Dec 2006 — Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file. Desbordamiento de búfer basado en pila en el Adobe Download Manager anterior a 2.2 permite a atacantes remotos ejecutar código de su elección mediante un nombre de sección largo en el fichero dm.ini, el cual es rellenado mediante un fichero AOM. This vulnerability allows remote attackers to execute arbitrary cod... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 4CVE-2006-2964
https://notcve.org/view.php?id=CVE-2006-2964
12 Jun 2006 — Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. • http://securityreason.com/securityalert/1072 •