CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1208

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile12.68th
PublishedJan 10, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request.

Affected Platforms (CPE)

πŸ“¦
21 6 Productions

Orbz

= 2.5
πŸ“¦
21 6 Productions

Orbz

= 2.6
πŸ“¦
21 6 Productions

Orbz

= 2.7
πŸ“¦
21 6 Productions

Orbz

= 2.8
πŸ“¦
21 6 Productions

Orbz

= 2.9
πŸ“¦
21 6 Productions

Orbz

= 2.10

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=110176280402580&w=2
πŸ”— http://www.securityfocus.com/bid/11774
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18298
πŸ”— http://marc.info/?l=bugtraq&m=110176280402580&w=2
πŸ”— http://www.securityfocus.com/bid/11774
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18298

Related Vulnerabilities

CVE-2004-062710.0

The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-...

CVE-2004-059710.0

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary c...

CVE-2004-062110.0

admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel pa...

CVE-2004-063610.0

Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allo...