GrabIt Stack Based Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with GrabIt and is prone to stack-based buffer overflow vulnerability.

Impact

Successful exploitation will let the attacker cause stack overflow by crafting an 'NZB' file containing an overly large string as DTD URI. Impact level: Application

Solution

Upgrade to the latest version 1.7.2 Beta 4 http://www.shemes.com/index.php?p=download

Insight

This flaw is due to a boundary check error when processing the DOCTYPE declaration within '.NZB' files.

Affected

GrabIt version 1.7.2 Beta 3 and prior.

References

http://secunia.com/advisories/34893
http://www.shemes.com/index.php?p=whatsnew

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1586
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
BS.Player '.bsl' File Buffer Overflow Vulnerabilities
Cscope Multiple Buffer Overflow vulnerability
Audacity Buffer Overflow Vulnerability (Win)
Becky! Internet Mail Buffer Overflow Vulnerability

Take action and discover your vulnerabilities