CVE-2010-10001

Опубликовано: 28 мар. 2022

Источник: nvd

CVSS3: 5.3

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

http://seclists.org/bugtraq/2010/Jul/60
Exploit
Mailing List
Third Party Advisory
https://vuldb.com/?id.4143
Permissions Required
Third Party Advisory
https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt
Exploit
Third Party Advisory
http://seclists.org/bugtraq/2010/Jul/60
Exploit
Mailing List
Third Party Advisory
https://vuldb.com/?id.4143
Permissions Required
Third Party Advisory
https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:shemes:grabit:*:*:*:*:*:*:*:*

Версия до 1.7.2 (исключая)

cpe:2.3:a:shemes:grabit:1.7.2:beta:*:*:*:*:*:*

cpe:2.3:a:shemes:grabit:1.7.2:beta2:*:*:*:*:*:*

cpe:2.3:a:shemes:grabit:1.7.2:beta3:*:*:*:*:*:*

cpe:2.3:a:shemes:grabit:1.7.2:beta4:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00349

Низкий

5.3 Medium

CVSS3

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-404

Связанные уязвимости

GHSA-792j-xc78-h937

CVSS3: 5.5

github

почти 4 года назад

EPSS

Процентиль: 57%

0.00349

Низкий

5.3 Medium

CVSS3

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-404