Vulnerability Details CVE-2017-9544
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.796
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2017-9544
-
cpe:2.3:a:echatserver:easy_chat_server:2.0
-
cpe:2.3:a:echatserver:easy_chat_server:2.1
-
cpe:2.3:a:echatserver:easy_chat_server:2.2
-
cpe:2.3:a:echatserver:easy_chat_server:2.5
-
cpe:2.3:a:echatserver:easy_chat_server:3.0
-
cpe:2.3:a:echatserver:easy_chat_server:3.1