CVE-2004-2646

Free Web Chat 2.0 - DoS

Title source: llm

Description

The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Donato Ferrante · cdosmultiple

https://www.exploit-db.com/exploits/24351

View Code ZIP pw:eip

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=109164397601049&w=2

[Exploit] http://www.securityfocus.com/bid/10863

[Exploit, Patch] http://securitytracker.com/alerts/2004/Aug/1010851.html

[Exploit, Patch] http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0102.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/8369

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16893

Scores

EPSS 0.1144

EPSS Percentile 93.6%

Details

Status published

Published Dec 31, 2004

Tracked Since Feb 18, 2026