Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2433

Description

Buffer overflow in the IsValidFile function in the ADM ActiveX control for Altnet Download Manager 4.0.0.4 and earlier, as used in Kazaa Media Desktop 1.3 through 2.6.4 and Grokkster 1.3 through 2.6, allows remote attackers to execute arbitrary code via a long bstrFilepath parameter.

Affected products

Altnet/Altnet Download Manager2 versions
cpe:2.3:a:altnet:altnet_download_manager:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:altnet:altnet_download_manager:*:*:*:*:*:*:*:*range: <=4.0.0.2
- cpe:2.3:a:altnet:altnet_download_manager:4.0.0.4:*:*:*:*:*:*:*
Grokster/Grokster3 versions
cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:grokster:grokster:2.6:*:*:*:*:*:*:*
Kazaa/Kazaa Media Desktop7 versions
cpe:2.3:a:kazaa:kazaa_media_desktop:1.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:kazaa:kazaa_media_desktop:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:kazaa:kazaa_media_desktop:2.6.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/12446nvdPatchVendor Advisory
www.securityfocus.com/bid/11101nvdExploitPatch
secunia.com/advisories/12456nvdVendor Advisory
securitytracker.com/idnvd
www.osvdb.org/9549nvd
exchange.xforce.ibmcloud.com/vulnerabilities/17221nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000