![]() Further interaction with the software is not possible anymore. During the import of the malicious nzb file the application will freeze. The attack technique deployed by this issue is T1499 according to MITRE ATT&CK. Technical details and a public exploit are known. No form of authentication is needed for exploitation. ![]() It is possible to initiate the attack remotely. This vulnerability is uniquely identified as CVE-2010-10001. The public release was coordinated in cooperation with Shemes. It is possible to read the advisory at scip.ch. The weakness was presented by Marc Ruef with scip AG as VulDB 4143 as not defined bulletin (Website). This is going to have an impact on availability. The program does not release or incorrectly releases a resource before it is made available for re-use. The manipulation of the argument date with the input value 1000000000000000 leads to a denial of service vulnerability. This affects some unknown processing of the component NZB Date Parser. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 ßeta 4. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |