Vulnerability Details CVE-2017-9544
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.483
EPSS Ranking 97.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2017-9544
-
cpe:2.3:a:echatserver:easy_chat_server:2.0
-
cpe:2.3:a:echatserver:easy_chat_server:2.1
-
cpe:2.3:a:echatserver:easy_chat_server:2.2
-
cpe:2.3:a:echatserver:easy_chat_server:2.5
-
cpe:2.3:a:echatserver:easy_chat_server:3.0
-
cpe:2.3:a:echatserver:easy_chat_server:3.1