CVE-2004-1793

Yatsoft Switch Off - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm.

Exploits (1)

exploitdb WORKING POC VERIFIED

by MrNice · cremotewindows

https://www.exploit-db.com/exploits/23509

View Code ZIP pw:eip

References (7)

[Exploit] http://www.securityfocus.com/bid/9340

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/14124

[Third Party Advisory, VDB Entry] http://www.osvdb.org/3309

[Exploit] http://www.elitehaven.net/switchoff.txt

[Exploit] http://www.securityfocus.com/archive/1/348693

[Exploit] http://securitytracker.com/id?1008581

[Exploit] http://secunia.com/advisories/10521

Scores

EPSS 0.0969

EPSS Percentile 92.9%

Details

Status published

Products (16)

yatsoft/switch_off 0.7

yatsoft/switch_off 1.0

yatsoft/switch_off 1.1

yatsoft/switch_off 1.2

yatsoft/switch_off 1.3

yatsoft/switch_off 1.4

yatsoft/switch_off 1.5

yatsoft/switch_off 1.5.1

yatsoft/switch_off 1.6

yatsoft/switch_off 1.7

... and 6 more

Published Dec 31, 2004

Tracked Since Feb 18, 2026