Vulnerability Description
Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, allows remote attackers to execute arbitrary code via a long bstrFilepath parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Altnet | Altnet Download Manager | <= 4.0.0.2 |
| Grokster | Grokster | 1.3 |
| Kazaa | Kazaa Media Desktop | 1.3 |
References
- http://secunia.com/advisories/12446PatchVendor Advisory
- http://secunia.com/advisories/12456Vendor Advisory
- http://securitytracker.com/id?1011155
- http://www.osvdb.org/9549
- http://www.securityfocus.com/bid/11101ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17221
- http://secunia.com/advisories/12446PatchVendor Advisory
- http://secunia.com/advisories/12456Vendor Advisory
- http://securitytracker.com/id?1011155
- http://www.osvdb.org/9549
- http://www.securityfocus.com/bid/11101ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17221
FAQ
What is CVE-2004-2433?
CVE-2004-2433 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, ...
How severe is CVE-2004-2433?
CVE-2004-2433 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2433?
Check the references section above for vendor advisories and patch information. Affected products include: Altnet Altnet Download Manager, Grokster Grokster, Kazaa Kazaa Media Desktop.