Описание
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 3.1 (включая)
cpe:2.3:a:echatserver:easy_chat_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.79593
Высокий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
EPSS
Процентиль: 99%
0.79593
Высокий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787