CVE-2004-1264

ChBg 1.5 - Buffer Overflow in simplify_path Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1264. PoCs published by Danny Lungstrom.

AI-analyzed exploit summary The provided text is a vulnerability writeup for CVE-2004-1264, describing a remote buffer overflow in ChBg 1.5 due to improper boundary checks when processing scenario files. No actual exploit code is included, only a description of the vulnerability and its impact.

Description

Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Danny Lungstrom · textremotelinux

https://www.exploit-db.com/exploits/24848

View Code ZIP pw:eip

The provided text is a vulnerability writeup for CVE-2004-1264, describing a remote buffer overflow in ChBg 1.5 due to improper boundary checks when processing scenario files. No actual exploit code is included, only a description of the vulnerability and its impact.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: ChBg 1.5

No auth needed

Prerequisites: A crafted malicious scenario file · User interaction to process the file with ChBg

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Vendor Advisory x_refsource_misc

http://tigger.uic.edu/~jlongs2/holes/chbg.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/18595

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-644

Vendor Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2005:027

Scores

EPSS 0.0911

EPSS Percentile 94.7%

Details

Status published

Products (1)

chbg/chbg 1.5

Published Jan 10, 2005

Tracked Since Feb 18, 2026