Vulnerability Description
A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shemes | Grabit | < 1.7.2 |
Related Weaknesses (CWE)
References
- http://seclists.org/bugtraq/2010/Jul/60ExploitMailing ListThird Party Advisory
- https://vuldb.com/?id.4143Permissions RequiredThird Party Advisory
- https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_mExploitThird Party Advisory
- http://seclists.org/bugtraq/2010/Jul/60ExploitMailing ListThird Party Advisory
- https://vuldb.com/?id.4143Permissions RequiredThird Party Advisory
- https://www.scip.ch/publikationen/advisories/scip_advisory-4143_shemes_grabbit_mExploitThird Party Advisory
FAQ
What is CVE-2010-10001?
CVE-2010-10001 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 10...
How severe is CVE-2010-10001?
CVE-2010-10001 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-10001?
Check the references section above for vendor advisories and patch information. Affected products include: Shemes Grabit.