PT-2007-3237 · Akamai Technologies · Akamai Download Manager ActiveX Control

Published: 2007-04-18 · Updated: 2018-10-16 · CVE-2007-1891

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Akamai Technologies Download Manager ActiveX Control versions 2.0.4.4 through 2.2.1.0
Description: A stack-based buffer overflow involving the GetPrivateProfileSectionW function allows remote attackers to execute arbitrary code. The cause is that the nSize parameter is misinterpreted as a byte count instead of a wide character count.
Recommendations: For versions 2.0.4.4 through 2.2.1.0, update to version 2.2.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the GetPrivateProfileSectionW function until a patch is available. Avoid using the nSize parameter in the affected function to minimize the risk of exploitation.
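
The size mix-up named in the description, as an added example (not code from Akamai or from this advisory): a simplified, portable model of an API whose size argument counts wide characters, called once with a byte count and once with a character count. The `model_get_section` function, the 16-character buffer and the 2-byte `WCHAR16` type are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t WCHAR16;   /* assumption: stand-in for a 2-byte Windows WCHAR */
#define BUF_CHARS 16        /* constructed buffer capacity, in characters */
#define GUARD 0xA5A5u       /* marker for memory that sits next to the buffer */

/* Hypothetical, simplified model of an API whose size argument counts
   characters: writes at most n_chars - 1 characters plus a terminator. */
static size_t model_get_section(const WCHAR16 *src, size_t src_len,
                                WCHAR16 *dst, size_t n_chars)
{
    if (n_chars == 0) return 0;
    size_t n = src_len < n_chars - 1 ? src_len : n_chars - 1;
    memcpy(dst, src, n * sizeof *dst);
    dst[n] = 0;
    return n;
}

/* Calls the model with n_size as the size argument for a BUF_CHARS-character
   buffer and returns how many neighbouring slots were overwritten. */
static size_t neighbours_clobbered(size_t n_size)
{
    WCHAR16 region[2 * BUF_CHARS];  /* [0, BUF_CHARS) = buffer, rest = neighbours */
    WCHAR16 src[2 * BUF_CHARS];     /* constructed oversized section data */
    size_t i, hit = 0;

    for (i = 0; i < 2 * BUF_CHARS; i++) { region[i] = GUARD; src[i] = 'A'; }
    model_get_section(src, 2 * BUF_CHARS, region, n_size);
    for (i = BUF_CHARS; i < 2 * BUF_CHARS; i++)
        if (region[i] != GUARD) hit++;
    return hit;
}

/* Flawed pattern: the buffer size in bytes is passed as the size argument. */
size_t call_with_byte_count(void) { return neighbours_clobbered(BUF_CHARS * sizeof(WCHAR16)); }

/* Corrected pattern: the buffer size in characters is passed. */
size_t call_with_char_count(void) { return neighbours_clobbered(BUF_CHARS); }

int main(void)
{
    printf("byte count: %zu neighbouring slots overwritten\n", call_with_byte_count());
    printf("char count: %zu neighbouring slots overwritten\n", call_with_char_count());
    return 0;
}
```

With 2-byte characters, the byte count is twice the real capacity, so the callee is permitted to write a full buffer's worth of data past the end.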

Fix


Related Identifiers

CVE-2007-1891

Affected Products

Akamai Download Manager ActiveX Control