PT-2007-6300 · Sharman Networks+1 · Kazaa+2
Published
2007-10-05
·
Updated
2017-07-29
·
CVE-2007-5217
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Altnet Download Manager version 4.0.0.6
Kazaa version 3.2.7
Description
The issue is related to a stack-based buffer overflow in the ADM4 ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a long argument to the
Install method.Recommendations
For Altnet Download Manager version 4.0.0.6, consider disabling the
Install method in the ADM4 ActiveX control until a patch is available.
For Kazaa version 3.2.7, restrict access to the ADM4 ActiveX control to minimize the risk of exploitation.Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Adm4 Activex Control
Altnet Download Manager
Kazaa