Buffer Overflow Vulnerability in EFS Easy Chat Server
CVE-2019-20502

7.5HIGH

Key Information:

Vendor: Echatserver
Status: Easy Chat Server
Vendor: CVE Published:; 5 March 2020

🔔 Create Echatserver Vulnerability Alert

What is CVE-2019-20502?

An issue in EFS Easy Chat Server version 3.1 allows for a buffer overflow through the manipulation of the body2.ghp message parameter. Attackers could leverage this vulnerability to disrupt service through excessively lengthy inputs, leading to potential denial of service scenarios. Proper handling and validation of user inputs are essential to mitigate the risks associated with this flaw.

References

https://github.com/s1kr10s/EasyChatServer-DOS

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 5, 2020
Vulnerability Reserved
Mar 5, 2020

CVE-2019-20502 Data

JSON