Shareaza Update Notification Spoofing Vulnerability Network Vulnerability

Summary

This host has Shareaza installed and is prone Update Notification Spoofing vulnerabilities.

Impact

Successful exploitation will let the attackers conduct spoofing attacks. Impact Level: Application

Solution

Upgrade Shareaza version to 2.3.1.0 http://shareaza.sourceforge.net/?id=download

Insight

The flaw is due to update notifications being handled via the domain update.shareaza.com, which is no longer controlled by the vendor. This can be exploited to spoof update notifications.

Affected

Shareaza version prior to 2.3.1.0

References

http://secunia.com/advisories/28302
http://sourceforge.net/project/shownotes.php?group_id=110672&release_id=565250
http://xforce.iss.net/xforce/xfdb/39484

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-7164

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)

Take action and discover your vulnerabilities