CVE-2009-1586

Published May 7, 2009

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:shemes:grabit:*:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63D3C24A-9303-4A37-B283-0B255B039C6B",
            "versionEndIncluding": "1.7.2"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.5.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF4FAFF4-AAAB-4487-99DC-93BB84214FEB"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.5.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFCE0B20-A57A-43CB-85E0-11FAECB4AEED"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.5.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C97E45F1-18EA-4259-867E-9C5339F2F43C"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.5.3:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D56088FE-7CE2-4061-8ADB-A77F3EC7DF4F"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.6.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ACA2866-0BB6-4D47-95B7-0AFF898D7D50"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.6.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "280FAAD8-687C-43B4-9912-766AF3C3D074"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.7.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D34BC0B-2402-4562-B1AA-CBC72C6EF5ED"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.7.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B60949D3-D24E-44D2-B727-6B8DBC454B99"
          },
          {
            "criteria": "cpe:2.3:a:shemes:grabit:1.7.2:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74D3B18C-2150-4ED1-8DB5-3F5EE156FE95"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References