Akamai's Download Manager allows attackers to download arbitrary files onto a user's desktop. Using a so-called "blended threat" attack it is possible to execute arbitrary code. This attack affects the ActiveX control as well as the Java applet. This was fixed in version 2.2.5.4.