ID |
CVE-2017-9544
|
Summary |
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:echatserver:easy_chat_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:echatserver:easy_chat_server:2.1:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:echatserver:easy_chat_server:2.2:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:2.2:*:*:*:*:*:*:*
-
cpe:2.3:a:echatserver:easy_chat_server:2.5:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:2.5:*:*:*:*:*:*:*
-
cpe:2.3:a:echatserver:easy_chat_server:3.0:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:echatserver:easy_chat_server:3.1:*:*:*:*:*:*:*
cpe:2.3:a:echatserver:easy_chat_server:3.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.5 (as of 26-03-2021 - 17:56) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
26-03-2021 - 17:56 |
Published |
12-06-2017 - 06:29 |
Last modified |
26-03-2021 - 17:56 |