PT-2009-4074 · Shemes · Grabit
Niels Teusink
·
Publicado
2009-05-07
·
Atualizado
2018-10-10
·
CVE-2009-1586
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
GrabIt versions 1.7.2 Beta 3 and earlier
Description:
The issue is related to a stack-based buffer overflow in the NZB importer feature. This can be exploited by remote attackers through a crafted DTD reference in a DOCTYPE element in an NZB file, allowing them to execute arbitrary code.
Recommendations:
For GrabIt versions 1.7.2 Beta 3 and earlier, consider disabling the NZB importer feature until a patch is available to prevent potential exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Grabit