CVE-2007-6339

EPSS 10.99%
Veröffentlicht 01.05.2008 19:05:00
Zuletzt bearbeitet 16.06.2026 22:47:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Akamai Technologies ≫ Download Manager Version <= 2.2.0.0

Akamai Technologies ≫ Download Manager Version <= 2.2.1.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	10.99%	0.953

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=695

Patch

http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061923.html

http://secunia.com/advisories/30037

http://www.securityfocus.com/bid/28993

Patch

http://www.securitytracker.com/id?1019955

http://www.vupen.com/english/advisories/2008/1408/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/42117

https://nvd.nist.gov/vuln/detail/CVE-2007-6339

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6339

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6339

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2007-6339