CVE-2004-2724

Name of the Vulnerable Software and Affected Versions LionMax Software Chat Anywhere version 2.72a

Description The issue allows remote attackers to cause a denial of service, resulting in a server crash and client CPU consumption. This can be achieved by using a username beginning with a percent (%) followed by a null character.

Recommendations For version 2.72a, as a temporary workaround, consider validating and sanitizing the username input to prevent the inclusion of percent (%) and null characters. Restrict access to the server until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.