Bigantsoft » Bigant Im Message Server : Security Vulnerabilities, CVEs,
CVE-2012-6275
Public exploit
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.
Max CVSS
10.0
EPSS Score
92.87%
Published
2013-02-24
Updated
2013-02-25
CVE-2012-6274
Public exploit
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.
Max CVSS
5.0
EPSS Score
92.21%
Published
2013-02-24
Updated
2013-02-26
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
Max CVSS
7.5
EPSS Score
0.09%
Published
2013-02-24
Updated
2013-02-25
3 vulnerabilities found