Summary
This host has Shareaza installed and is prone Update Notification Spoofing vulnerabilities.
Impact
Successful exploitation will let the attackers conduct spoofing attacks.
Impact Level: Application
Solution
Upgrade Shareaza version to 2.3.1.0
http://shareaza.sourceforge.net/?id=download
Insight
The flaw is due to update notifications being handled via the domain update.shareaza.com, which is no longer controlled by the vendor. This can be exploited to spoof update notifications.
Affected
Shareaza version prior to 2.3.1.0
References
Severity
Classification
-
CVE CVE-2008-7164 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - November12 (Windows)
- Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)