Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2007-2722

Published: 16/05/2007 Updated: 11/10/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Newzcrawler

Vulnerability Summary

Unspecified vulnerability in NewzCrawler 1.8 allows remote malicious users to cause a denial of service (application instability) via certain invalid strings in the URL attribute of an ENCLOSURE element, as demonstrated by a "%s" sequence, a "%Y" sequence, a "%%" sequence, and an "n," sequence.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

newzcrawler newzcrawler 1.8

Exploits

Exploit DB: NewzCrawler 1.8 - invalid string Remote Denial of Service
NewzCrawler 18 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 NewzCrawler 18 becomes usntable and begin crash when parsering the 'url' atribute of 'enclosure' sub-element contends some invalid string* at time of show a new item of a RSS 20 file * '%s', '%Y', '%%', 'n,', and others PoC: <?xml version="10"?> &lt ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/23994http://osvdb.org/39768https://exchange.xforce.ibmcloud.com/vulnerabilities/34350https://www.exploit-db.com/exploits/3930https://nvd.nist.govhttps://www.exploit-db.com/exploits/3930/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook