OSVDB ID: 37785

Title: Altnet Download Manager ADM4 ActiveX (adm4.dll) Install Method Arbitrary Code Execution

Info

Disclosure

Oct 03, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A buffer overflow exists in Altnet Download Manager. The adm4.dll ActiveX control fails to validate data passed to the Install() method resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access, Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure
OSVDB: Web Related

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: set the kill-bit on the ADM4 ActiveX Control (CLSID {DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2}). See Microsoft KB article 240797 for more details.

Products

Altnet

Download Manager ActiveX Control

4.0.0.6

References

CVE ID: 2007-5217 (see also: NVD)
Bugtraq ID: 25903
Secunia Advisory ID: 26970 26972
ISS X-Force ID: 36929
VUPEN Advisory: ADV-2007-3335 ADV-2007-3336

Credit

Parvez Anwar -

Direct URL: http://osvdb.org/37785