![]() ![]() The ActiveX control persists on the user's system unless it is deleted manually. Download Manager is available as an ActiveX component or Java applet. The latest version of Akamai Download Manager can be obtained using the following URL:ĭownload Manager provides a simplified method of distributing, downloading,and installing digitized assets via the Internet. ![]() Specifically, both the Java and ActiveX versions ignore the configuration option target when set to DESKTOP. This issue was tested on Akamai Download Manager version 2.2.4.8 using Windows XP SP3 running Internet Explorer 6, 7 & 8 and Windows Vista running Internet Explorer 8.Īkamai reports that this vulnerability should have been fixed in version 2.2.5.4 of the Akamai Download Manager for both Java and ActiveX. This attack affects the ActiveX control as well as the Java applet. Using a so-called "blended threat" attack it is possible to execute arbitrary code. Akamai Download Manager arbitrary file download & executionĪkamai's Download Manager allows attackers to download arbitrary files onto a user's desktop.
0 Comments
Leave a Reply. |