1. CVE-Search
  2. CVE-2004-2433
ID CVE-2004-2433
Summary Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, allows remote attackers to execute arbitrary code via a long bstrFilepath parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:altnet:altnet_download_manager:4.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:altnet:altnet_download_manager:4.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:altnet:altnet_download_manager:4.0.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:altnet:altnet_download_manager:4.0.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:grokster:grokster:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:grokster:grokster:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:kazaa:kazaa_media_desktop:2.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:kazaa:kazaa_media_desktop:2.6.4:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 11101
osvdb 9549
sectrack 1011155
secunia
  • 12446
  • 12456
xf adm-bstrfilepath-bo(17221)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Last modified 11-07-2017 - 01:31
Back to Top