GrabIt Stack Based Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with GrabIt and is prone to stack-based buffer overflow vulnerability.

Impact

Successful exploitation will let the attacker cause stack overflow by crafting an 'NZB' file containing an overly large string as DTD URI. Impact level: Application

Solution

Upgrade to the latest version 1.7.2 Beta 4 http://www.shemes.com/index.php?p=download

Insight

This flaw is due to a boundary check error when processing the DOCTYPE declaration within '.NZB' files.

Affected

GrabIt version 1.7.2 Beta 3 and prior.

References

http://secunia.com/advisories/34893
http://www.shemes.com/index.php?p=whatsnew

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1586

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Asterisk HTTP Manager Buffer Overflow Vulnerability
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
Anzio Web Print Object ActiveX Control Remote BOF Vulnerability
Adobe PageMaker Font Structure Multiple BOF Vulnerabilities
Apple iTunes '.pls' Files Buffer Overflow Vulnerability

Take action and discover your vulnerabilities