Vulnerability Description
Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code via a long argument to the Install method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Altnet | Altnet Download Manager | 4.0.0.6 |
| Grokster | Grokster | 2.6 |
| Kazaa | Kazaa Media Desktop | 3.2.7 |
Related Weaknesses (CWE)
References
- http://osvdb.org/37785
- http://osvdb.org/38435
- http://secunia.com/advisories/26970Vendor Advisory
- http://secunia.com/advisories/26972Vendor Advisory
- http://www.securityfocus.com/bid/25903
- http://www.vupen.com/english/advisories/2007/3335
- http://www.vupen.com/english/advisories/2007/3336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36929
- http://osvdb.org/37785
- http://osvdb.org/38435
- http://secunia.com/advisories/26970Vendor Advisory
- http://secunia.com/advisories/26972Vendor Advisory
- http://www.securityfocus.com/bid/25903
- http://www.vupen.com/english/advisories/2007/3335
- http://www.vupen.com/english/advisories/2007/3336
FAQ
What is CVE-2007-5217?
CVE-2007-5217 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code v...
How severe is CVE-2007-5217?
CVE-2007-5217 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5217?
Check the references section above for vendor advisories and patch information. Affected products include: Altnet Altnet Download Manager, Grokster Grokster, Kazaa Kazaa Media Desktop.