Vulnerabilities > CVE-2004-2646 - Denial Of Service vulnerability in Multiple Free Web Chat
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Free Web Chat Initial Release UserManager.java Null Pointer DoS. CVE-2004-2646. Dos exploits for multiple platform |
| id | EDB-ID:24351 |
| last seen | 2016-02-02 |
| modified | 2004-08-04 |
| published | 2004-08-04 |
| reporter | Donato Ferrante |
| source | https://www.exploit-db.com/download/24351/ |
| title | Free Web Chat Initial Release UserManager.java Null Pointer DoS |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0102.html
- http://marc.info/?l=bugtraq&m=109164397601049&w=2
- http://securitytracker.com/alerts/2004/Aug/1010851.html
- http://www.osvdb.org/8369
- http://www.securityfocus.com/bid/10863
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16893