CVE-2004-1264

Name of the Vulnerable Software and Affected Versions ChBg version 1.5

Description The issue concerns multiple vulnerabilities in the ChBg package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. A buffer overflow in the simplify path function in config.c allows remote attackers to execute arbitrary code via a crafted ChBg scenario file.

Recommendations For ChBg version 1.5, consider restricting access to the simplify path function in config.c until a patch is available. As a temporary workaround, avoid using crafted ChBg scenario files that could trigger the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.