Page 6 of 30 results (0.011 seconds)

CVSS: 6.8EPSS: 7%CPEs: 2EXPL: 0

The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters." El control ActiveX del Gestor de descargas Akamai (Aka DLM dlmanager) (DownloadManagerV2.ocx) anterior a 2.2.3.5 permite a los atacantes remotos forzar la descarga y ejecución de código arbitrario mediante "parámetros indocumentados de objeto" sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=695 http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061923.html http://secunia.com/advisories/30037 http://www.securityfocus.com/bid/28993 http://www.securitytracker.com/id?1019955 http://www.vupen.com/english/advisories/2008/1408/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42117 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 34%CPEs: 1EXPL: 0

Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize parameter as a byte count instead of a wide character count. Desbordamiento de búfer basado en pila en la función GetPrivateProfileSectionW del control ActiveX Akamai Technologies Download Manager (DownloadManagerV2.ocx) después de la versión 2.0.4.4 pero antes que la 2.2.1.0 permite a atacantes remotos ejecutar código de su elección , relacionado con la mala interpretación del parámetro nSize como un contador de bytes en lugar de un contador de ancho de carácter. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=514 http://secunia.com/advisories/24900 http://www.kb.cert.org/vuls/id/120241 http://www.osvdb.org/34323 http://www.securityfocus.com/archive/1/465908/100/0/threaded http://www.securityfocus.com/bid/23522 http://www.securitytracker.com/id?1017925 http://www.vupen.com/english/advisories/2007/1415 •

CVSS: 9.3EPSS: 15%CPEs: 1EXPL: 0

Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891. Desbordamiento de búfer basado en pila en el control ActiveX Technologies Download Manager (DownloadManagerV2.ocx) anterior a 2.2.1.0 permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, un asunto diferente que CVE-2007-1891. • http://secunia.com/advisories/24900 http://www.osvdb.org/34324 http://www.securityfocus.com/archive/1/465908/100/0/threaded http://www.securityfocus.com/bid/23522 http://www.vupen.com/english/advisories/2007/1415 https://exchange.xforce.ibmcloud.com/vulnerabilities/33697 •

CVSS: 6.8EPSS: 81%CPEs: 1EXPL: 0

Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file. Desbordamiento de búfer basado en pila en el Adobe Download Manager anterior a 2.2 permite a atacantes remotos ejecutar código de su elección mediante un nombre de sección largo en el fichero dm.ini, el cual es rellenado mediante un fichero AOM. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Download Manager application. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the AOM file format parser. A long [URL] element inside of a [DownloadRecord] element within an AOM file will result in a stack-based buffer overflow condition leading to execution of arbitrary code. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html http://research.eeye.com/html/advisories/published/AD20061205.html http://secunia.com/advisories/23233 http://securitytracker.com/id?1017340 http://www.adobe.com/support/security/bulletins/apsb06-19.html http://www.kb.cert.org/vuls/id/448569 http://www.securityfocus.com/archive/1/453636/100/0/threaded http://www.securityfocus.com/archive/1/453755/100/0/threaded http://www.securityfocus.com/bid/21453 •

CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 4

Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. • http://securityreason.com/securityalert/1072 http://www.osvdb.org/26643 http://www.osvdb.org/26644 http://www.osvdb.org/26645 http://www.osvdb.org/26646 http://www.osvdb.org/26647 http://www.osvdb.org/26648 http://www.securityfocus.com/archive/1/436104/100/0/threaded http://www.securityfocus.com/archive/1/436107/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26961 •