Vulnerabilities > Bigantsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-02-24 | CVE-2012-6274 | Improper Authentication vulnerability in Bigantsoft Bigant IM Message Server BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors. | 5.0 |
| 2013-02-24 | CVE-2012-6273 | SQL Injection vulnerability in Bigantsoft Bigant IM Message Server SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request. | 7.5 |
| 2010-03-03 | CVE-2009-4661 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bigantsoft Bigant Server Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. | 4.3 |
| 2010-03-03 | CVE-2009-4660 | Buffer Errors vulnerability in Bigantsoft Bigant Messenger 2.50 Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660. | 10.0 |
| 2008-04-22 | CVE-2008-1914 | Buffer Errors vulnerability in Bigantsoft Bigant Messenger 2.2 Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. | 10.0 |