#VU38879 Buffer overflow in Easy Chat Server - CVE-2017-9544

 

Published: June 12, 2017 / Updated: August 8, 2020


Vulnerability identifier: #VU38879
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-9544
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Easy Chat Server
Software vendor:
EFS Software Inc.

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

EFS Software Easy Chat Server versions 2.0 to 3.1 contain a remote stack-based buffer overflow (SEH) in register.ghp. By sending an overly long username string to registresult.htm when registering a user, an attacker may be able to execute arbitrary code.


Remediation

Install the update from the vendor's website.

External links