PT-2009-4074 · Shemes · Grabit

Niels Teusink

Published

2009-05-07

Updated

2018-10-10

CVE-2009-1586

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: GrabIt versions 1.7.2 Beta 3 and earlier

Description: The issue is related to a stack-based buffer overflow in the NZB importer feature. This can be exploited by remote attackers through a crafted DTD reference in a DOCTYPE element in an NZB file, allowing them to execute arbitrary code.

Recommendations: For GrabIt versions 1.7.2 Beta 3 and earlier, consider disabling the NZB importer feature until a patch is available to prevent potential exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2009-1586

Affected Products

Grabit

PT-2009-4074 · Shemes · Grabit

CVE-2009-1586

Weakness Enumeration

Related Identifiers

Affected Products

References · 12