Intrusion Prevention

Akamai.Download.Manager.ActiveX.Insecure.Parameter.Used

Description

This indicates an attempt to exploit a parameter injection vulnerability in Akamai Download Manager.
The vulnerability is caused by an input validation error in Akamai Download Manager ActiveX Control 2.2.3.5, that occurs when processing some parameters. It allows remote attackers to save a downloaded file to an arbitrary location by tricking a user into visiting a malicious web page.

Affected Products

Akamai Download Manager ActiveX Control 2.2.3.5

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Set the kill bit for CLSID "4871A87A-BFDD-4106-8153-FFDE2BAC2967".

CVE References

CVE-2008-1770