A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
http://seclists.org/bugtraq/2010/Jul/60 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.4143 | Permissions Required Third Party Advisory |
https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt | Exploit Third Party Advisory |
http://seclists.org/bugtraq/2010/Jul/60 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.4143 | Permissions Required Third Party Advisory |
https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:13
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.3 |
References | () http://seclists.org/bugtraq/2010/Jul/60 - Exploit, Mailing List, Third Party Advisory | |
References | () https://vuldb.com/?id.4143 - Permissions Required, Third Party Advisory | |
References | () https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt - Exploit, Third Party Advisory |
05 Apr 2022, 20:31
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:shemes:grabit:1.7.2:beta2:*:*:*:*:*:* cpe:2.3:a:shemes:grabit:1.7.2:beta4:*:*:*:*:*:* cpe:2.3:a:shemes:grabit:1.7.2:beta3:*:*:*:*:*:* cpe:2.3:a:shemes:grabit:*:*:*:*:*:*:*:* cpe:2.3:a:shemes:grabit:1.7.2:beta:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.5 |
CWE | CWE-404 | |
References | (MISC) https://vuldb.com/?id.4143 - Permissions Required, Third Party Advisory | |
References | (MISC) http://seclists.org/bugtraq/2010/Jul/60 - Exploit, Mailing List, Third Party Advisory | |
References | (MISC) https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt - Exploit, Third Party Advisory |
28 Mar 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-28 21:15
Updated : 2024-11-21 01:13
NVD link : CVE-2010-10001
Mitre link : CVE-2010-10001
CVE.ORG link : CVE-2010-10001
JSON object : View
Products Affected
shemes
- grabit
CWE
CWE-404
Improper Resource Shutdown or Release