5
CVE-2004-2466
- EPSS 74.7%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Loginchat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Efs Software ≫ Easy Chat Server Version1.2
Efs Software ≫ Easy Chat Server Version2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 74.7% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/12006
http://archives.neohapsis.com/archives/bugtraq/2004-07/0013.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0077.html
http://packetstormsecurity.com/files/167892/Easy-Chat-Server-3.1-Buffer-Overflow.html
http://secunia.com/advisories/26461
http://secunia.com/advisories/58427
http://www.autistici.org/fdonato/advisory/EasyChatServer1.2-adv.txt
http://www.exploit-db.com/exploits/33326
http://www.osvdb.org/7416
http://www.securityfocus.com/bid/25328
http://www.securityfocus.com/bid/67384
http://www.vupen.com/english/advisories/2007/2901
https://exchange.xforce.ibmcloud.com/vulnerabilities/16629
https://exchange.xforce.ibmcloud.com/vulnerabilities/36013
https://www.exploit-db.com/exploits/4289