Lucene search

VulDBCVELIST:CVE-2010-10001

HistoryMar 28, 2022 - 8:45 p.m.

CVE-2010-10001 Shemes GrabIt NZB Date Parser denial of service

2022-03-2820:45:50

CWE-404

VulDB

www.cve.org

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

34.9%

JSON

A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CNA Affected

[
  {
    "product": "GrabIt",
    "vendor": "Shemes",
    "versions": [
      {
        "status": "affected",
        "version": "1.7.2 Beta 4"
      }
    ]
  }
]

References

seclists.org/bugtraq/2010/Jul/60

vuldb.com/?id.4143

www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_malicious_nzb_date_denial_of_service.txt

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

34.9%

JSON

Related for CVELIST:CVE-2010-10001