SUNNYALE, Calif. -- Fortinet® the pioneer and leading provider of unified threat management (UTM) solutions today announced that its Fortinet Global Threat Research Team discovered a remote buffer overflow vulnerability in Akamai Download Manager (CVE-2007-1891). The vulnerability could allow attackers to cause a denial of service or run arbitrary code on an infected system. When a user is then enticed to download a file that uses an affected version of the Akamai Download Manager, a maliciously formed URL causes a buffer overflow leading to an arbitrary command execution with the privileges of that user. This vulnerability is due to improper sanitization of remotely supplied data.
Akamai Download Manager users should immediately apply the update provided by Akamai. The vulnerability specifically affects users of Akamai Download Manager ActiveX Control 22.214.171.124, although updates are available for versions up to 126.96.36.199.
For more information on these vulnerabilities, please visit Fortinets FortiGuard Center at http://www.fortiguardcenter.com/advisory/FGA-2007-05.html.
For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.