Lucene search

[email protected]CVE-2004-2433

HistoryAug 18, 2005 - 4:00 a.m.

CVE-2004-2433

2005-08-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2433

buffer overflow

adm activex

remote code execution

altnet download manager

kazaa

grokkster

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.2%

JSON

Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, allows remote attackers to execute arbitrary code via a long bstrFilepath parameter.

Affected configurations

NVD

Node

altnetaltnet_download_managerRange≤4.0.0.2

altnetaltnet_download_managerMatch4.0.0.4

grokstergroksterMatch1.3

grokstergroksterMatch1.3.3

grokstergroksterMatch2.6

kazaakazaa_media_desktopMatch1.3

kazaakazaa_media_desktopMatch1.3.1

kazaakazaa_media_desktopMatch1.3.2

kazaakazaa_media_desktopMatch1.6.1

kazaakazaa_media_desktopMatch2.0

kazaakazaa_media_desktopMatch2.0.2

kazaakazaa_media_desktopMatch2.6.4

CPENameOperatorVersion
altnet:altnet_download_manageraltnet altnet download managerle4.0.0.2
altnet:altnet_download_manageraltnet altnet download managereq4.0.0.4
grokster:grokstergrokstereq1.3
grokster:grokstergrokstereq1.3.3
grokster:grokstergrokstereq2.6
kazaa:kazaa_media_desktopkazaa kazaa media desktopeq1.3
kazaa:kazaa_media_desktopkazaa kazaa media desktopeq1.3.1
kazaa:kazaa_media_desktopkazaa kazaa media desktopeq1.3.2
kazaa:kazaa_media_desktopkazaa kazaa media desktopeq1.6.1
kazaa:kazaa_media_desktopkazaa kazaa media desktopeq2.0

CPE	Name	Operator	Version
altnet:altnet_download_manager	altnet altnet download manager	le	4.0.0.2
altnet:altnet_download_manager	altnet altnet download manager	eq	4.0.0.4
grokster:grokster	grokster	eq	1.3
grokster:grokster	grokster	eq	1.3.3
grokster:grokster	grokster	eq	2.6
kazaa:kazaa_media_desktop	kazaa kazaa media desktop	eq	1.3
kazaa:kazaa_media_desktop	kazaa kazaa media desktop	eq	1.3.1
kazaa:kazaa_media_desktop	kazaa kazaa media desktop	eq	1.3.2
kazaa:kazaa_media_desktop	kazaa kazaa media desktop	eq	1.6.1
kazaa:kazaa_media_desktop	kazaa kazaa media desktop	eq	2.0

Rows per page:

1-10 of 121

References

secunia.com/advisories/12446

secunia.com/advisories/12456

securitytracker.com/id?1011155

www.osvdb.org/9549

www.securityfocus.com/bid/11101

exchange.xforce.ibmcloud.com/vulnerabilities/17221

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2004-2433

cvelist1 kaspersky1 nvd1