CVE-2007-5217

Altnet Download Manager 4.0.0.6 - Stack-based Buffer Overflow via ADM4 ActiveX Install Method

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-5217. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/browser/kazaa_altnet_heap.

AI-analyzed exploit summary: This is a Metasploit module exploiting a stack buffer overflow in the Altnet Download Manager ActiveX control (adm4.dll) via an overly long string passed to the 'Install()' method, leading to arbitrary code execution.

Description

Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code via a long argument to the Install method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16496

This is a Metasploit module exploiting a stack buffer overflow in the Altnet Download Manager ActiveX control (adm4.dll) via an overly long string passed to the 'Install()' method, leading to arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Kazaa Media Desktop 3.2.7
No auth needed
Prerequisites: Target must have Kazaa Media Desktop 3.2.7 installed · Target must visit a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · NORMAL
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/kazaa_altnet_heap.rb

This Metasploit module exploits a stack buffer overflow in the Altnet Download Manager ActiveX control (adm4.dll) in Kazaa Media Desktop 3.2.7 via an overly long string passed to the 'Install()' method, leading to arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Kazaa Media Desktop 3.2.7
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be enabled in the browser
devstral-2 · analyzed Feb 19, 2026

References (8)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36929
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25903
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3336
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26972
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3335
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37785
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38435
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26970

Scores

EPSS 0.2999
EPSS Percentile 98.0%

Details

CWE: CWE-119
Status: published
Products (3)
altnet/altnet_download_manager 4.0.0.6
grokster/grokster 2.6
kazaa/kazaa_media_desktop 3.2.7
Published Oct 05, 2007
Tracked Since Feb 18, 2026