Bigantsoft: Security Vulnerabilities
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.711
Published
2013-02-24
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.
CVSS Score
10.0
EPSS Score
0.729
Published
2013-02-24
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
CVSS Score
10.0
EPSS Score
0.807
Published
2010-03-03
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
CVSS Score
4.3
EPSS Score
0.038
Published
2010-03-03
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.87
Published
2008-04-22
Page 2