Vulnerabilities > Phrozensmoke

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2712 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced
Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."
network
low complexity
phrozensmoke CWE-119
5.0
2004-12-31 CVE-2004-2711 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval."
network
low complexity
phrozensmoke CWE-119
7.5
2004-12-31 CVE-2004-2710 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current chat room name.
network
low complexity
phrozensmoke CWE-119
7.5
2004-12-31 CVE-2004-2709 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Phrozensmoke Gyach Enhanced
Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags.
network
low complexity
phrozensmoke CWE-119
7.5
2004-12-31 CVE-2004-2708 Credentials Management vulnerability in Phrozensmoke Gyach Enhanced
Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file.
network
low complexity
phrozensmoke CWE-255
5.0
2004-12-31 CVE-2004-2707 Undisclosed vulnerability in GYach Enhanced
Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses.
network
low complexity
phrozensmoke
7.5
2004-12-31 CVE-2004-2706 Improper Input Validation vulnerability in Phrozensmoke Gyach Enhanced
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.
network
low complexity
phrozensmoke CWE-20
5.0