You are here

Home › Fortinet Discovers Critical Vulnerability...

Fortinet Discovers Critical Vulnerability Affecting Akamai Download Manager

Remote Buffer Overflow Vulnerability could Allow Attackers to Control Victims' Systems

SUNNYVALE, Calif., April 17, 2007 - Fortinet® - a pioneer and leading provider of unified threat management (UTM) solutions -today announced that its Fortinet Global Threat esearch Team discovered a remote buffer overflow vulnerability in Akamai Download Manager (CVE-2007-1891). The vulnerability could allow attackers to cause a denial of service or run arbitrary code on an infected system. When a user is then enticed to download a file that uses an affected version of the Akamai Download Manager, a maliciously formed UL causes a buffer overflow leading to an arbitrary command execution with the privileges of that user. This vulnerability is due to improper sanitization of remotely supplied data.

Akamai Download Manager users should immediately apply the update provided by Akamai. The vulnerability specifically affects users of Akamai Download Manager ActiveX Control 2.2.0.8, although updates are available for versions up to 2.2.1.0.

For more information on these vulnerabilities, please visit Fortinet's FortiGuard™ Center at http://www.fortiguardcenter.com/advisory/FGA-2007-05.html.

For ongoing threat research, bookmark the FortiGuard Center (www.fortiguardcenter.com/) or add it to your SS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

About Fortinet (www.fortinet.com)

Fortinet is the pioneer and market-leading provider of ASIC-accelerated unified threat management systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, Web content filtering, VPN, spyware prevention and antispam--providing customers a way to protect multiple threats as well as blended threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by the ICSA (firewall, antivirus, IPSec, SSL, IDS, client antivirus detection, cleaning and antispyware). Fortinet is privately held and based in Sunnyvale, California.

How to Buy

Purchase Fortinet Products


Our IT team needs to support a number of small offices and people that regularly work from home. We were spending a significant amount of time troubleshooting problems for our teleworkers, and these problems often led to time consuming site visits. To reduce our support costs for teleworkers, we decided that we needed a smarter way of securing their access to our systems.

Michael Hughes
Team Leader of Technical Services
City of Boroondara