Search criteria
12 vulnerabilities found for centericq by centericq
FKIE_CVE-2007-0160
Vulnerability from fkie_nvd - Published: 2007-01-10 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0ACE60-DE41-43A1-BE91-A12573457757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09B7EF-8FAE-4DB6-9C47-39B70F30B988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC23E15-D1DD-46A5-BAEB-C985C4E6B354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C9823A36-1B02-4F28-BA93-7D0065253D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7391D-D3C7-4ACB-B76F-0D230243B392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDEC439-FC61-4C6F-887C-9B30D9440055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "40D97C71-684F-4E8E-89BB-B69E39E27813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el soporte LiveJournal (hooks/ljhook.cc) en CenterICQ versi\u00f3n 4.9.11 hasta versi\u00f3n 4.21.0, cuando se utilizan servidores LiveJournal no oficiales, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) y posiblemente ejecutar c\u00f3digo arbitrario mediante la adici\u00f3n de la v\u00edctima como amigo y el uso de (1) nombre de usuario largos y (2) cadenas de nombre real largas."
}
],
"evaluatorSolution": "Failed exploitation attempts will likely result in a denial-of-service condition.",
"id": "CVE-2007-0160",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-10T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33408"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2129"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017545"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3694
Vulnerability from fkie_nvd - Published: 2005-11-20 20:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centericq:centericq:4.20.0_r3:*:*:*:*:*:*:*",
"matchCriteriaId": "663C476C-2226-44A7-930B-A41F5AE40A97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
],
"id": "CVE-2005-3694",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-20T20:03:00.000",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/17798"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/17818"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/18081"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"source": "security@debian.org",
"url": "http://www.osvdb.org/21270"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/15649"
},
{
"source": "security@debian.org",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/21270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-1852
Vulnerability from fkie_nvd - Published: 2005-07-26 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ekg | ekg | 1.0 | |
| ekg | ekg | 1.0_rc2 | |
| ekg | ekg | 1.0_rc3 | |
| ekg | ekg | 1.1 | |
| ekg | ekg | 1.1_rc1 | |
| ekg | ekg | 1.1_rc2 | |
| ekg | ekg | 1.3 | |
| ekg | ekg | 1.4 | |
| ekg | ekg | 1.5 | |
| ekg | ekg | 1.5_rc1 | |
| ekg | ekg | 1.5_rc2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.4 | |
| kde | kde | 3.4.0 | |
| kde | kde | 3.4.1 | |
| centericq | centericq | * | |
| kadu | kadu | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13F32A39-4443-46C9-8E14-08AA59BC1CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "6531EE56-D685-4276-A911-E69C80F86561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "28012535-7CAD-456E-86A5-649CF21E28F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74A32270-8C65-4ED4-96CB-B389B97587A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A305C4-F461-429D-90F8-3FCC04D07635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF945FFF-C0D9-4C56-8B43-3ABE9530E939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17988E27-6C98-48B4-8779-4EF69E8DBD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12FCB0EE-8BCE-4E68-B78D-A57E8E9DEC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D723B90C-9746-4F94-A8A3-273240A2CBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E4CA2-0024-4F4E-AB1C-328539E17451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC21287-D631-4836-9945-9673A2BC9C7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centericq:centericq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865F252C-CC39-47D8-BCFD-66E3E331E514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kadu:kadu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0215DF17-C015-41E1-91F0-9D216209105C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en libgadu, usado en Kopete en KDE 3.2.3 hasta la 3.4.1, ekg anteriores a 1.6rc3, GNU Gadu, CenterICQ, Kadu, y otros paquetes, permite que atacantes remotos causen una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecuten c\u00f3digo arbitrario mediante un mensaje de entrada."
}
],
"id": "CVE-2005-1852",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-26T04:00:00.000",
"references": [
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16140"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16155"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16211"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16242"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"source": "security@debian.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"source": "security@debian.org",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "security@debian.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-1914
Vulnerability from fkie_nvd - Published: 2005-07-18 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centericq:centericq:4.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCBE8AE-0EEC-47B2-8035-92214D3F6758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CC839E-C455-437E-802F-5005F961FD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA6C76D-65C1-4964-BF73-5857A83B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "584CF003-3F36-4657-A29D-B663E37C8185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A06A8E51-EE71-44C5-86BC-56E80C0CD749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C66D704-5C59-43F5-83A7-DDCA8091FF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94147E48-5408-4166-9F5E-9959920F001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D7062-2846-49AC-9A50-C3C94EE406FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.6.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "37CDBE0E-0F53-497C-9938-5F43A58C43B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCF3DED-8400-4C01-B024-B72A38D25344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692C8394-89BC-4D45-93EE-7298F280AA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3B542683-239D-45AF-A03C-8756E227236F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "169063FC-8F03-4DCC-83E9-B409955ADEB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D5089220-5A3C-452E-9297-90E10626F12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B597EB-6911-4635-8AE0-328566C7578B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "44BA00BE-7D8E-4941-ACB2-181615E4F8DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D11A8822-324B-4362-883D-0036033F1C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2D16B5-2069-444B-BFFC-E71265484174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC176137-99C2-4464-B2FC-5723D313DDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBCC1C14-038F-4C84-A818-29A597BA318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "218B7E73-CAC4-4031-BAE7-5D0FF7FA7B1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C4A10E-0CD2-4FBC-9B71-497B59E30E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB15417E-54DC-4C5C-AF2B-9981AEDBB204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32FE8DB7-1640-4025-8A48-D4509DE43710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C65DC489-A0C9-4A75-B1C5-48664149B248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F98BD0AF-D08B-425B-9AA6-B7CA64DB86AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C645D83F-719F-4A1D-BED4-331434143513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDDD7B8-7082-4BDB-9930-A918C1C17C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA84107B-3FC4-469E-82E2-B3AB88D5933B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "92B14DFE-82C3-470A-B69F-723B5D695F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA38135-C3CE-4CF7-BB1C-C206381F5746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7E355E-851C-4BA1-920A-C9199590F4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E08451E4-DE0F-4A03-99A2-8DABBBD19673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFFA3B0-4178-46B3-B0BC-36D94508CB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC88F504-56AE-4177-BBB8-8D3DA12B5986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C06E7D6A-6A68-483E-9A86-AF7584DD79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D327FC3-A968-4FF5-B5E8-961BBE73C527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E58DE8E-9EFC-42DA-B8FE-7A197B2B6C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAACE2C-A4B7-4DE1-8F22-D3D531AC3B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0301CC-47C2-4B5D-B209-9EC17CC7342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48652F05-E788-4657-99A6-A823361FF2F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66475E5F-109E-4798-862C-4777CA43C8E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "98FC4971-E41C-433B-BEB9-A929D989502B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD5258C-3794-4B8F-9FD0-B2C2C11BB20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E302A0A4-9B88-4303-ACCF-F61FEF5D6CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C20BEB2-F7F6-4F65-8CA9-359D1A458657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC6E591-2E03-4C35-BA41-ED83A6A35DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A729142-715C-4342-8A9A-82A927F7D4D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEC2193-E72E-4E88-AF12-3DA17F317957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7A9C2C-2D27-4B4D-8243-6CFF71B5B89C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8247CA7B-63D0-40B4-BDEB-F7F6977A7A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D228190A-0147-43F5-9F5A-FF3D9FAA12BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46494445-C015-49FC-BC22-6CF11DB9E524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AF480B43-39B5-4CC4-9618-604E7F6BEA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9327469-2982-4C33-B5B1-70C43BC9BECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0ACE60-DE41-43A1-BE91-A12573457757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F60E9DD9-9DB5-4FD4-88CC-5B9C09F31195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09B7EF-8FAE-4DB6-9C47-39B70F30B988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.9.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCF7591-6577-4B60-A3B4-F414323743EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFF31C2-6F14-4F93-84E2-E596168491CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4362F3D2-9BAD-4BD9-BDAC-FAE98EAA3C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC23E15-D1DD-46A5-BAEB-C985C4E6B354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D542930E-3BD8-476A-A48B-1DD7BA31558C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C9823A36-1B02-4F28-BA93-7D0065253D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4414CBA4-015A-4B9D-AC76-87D4C22E9D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7391D-D3C7-4ACB-B76F-0D230243B392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.14.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3003A41-6620-4263-8151-31B9FEAF3DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDEC439-FC61-4C6F-887C-9B30D9440055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centericq:centericq:4.20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A664988-0D0D-4F0A-B127-DEFF76FBD877",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
},
{
"lang": "es",
"value": "CenterICQ 4.20.0 y anteriores crea ficheros temporales con nombres de ficheros predecibles, lo que permite que usuarios locales sobreescriban ficheros arbitrarios mediante un ataque de enlaces simb\u00f3licos en el fichero temporal \"gg.token.PID\"."
}
],
"id": "CVE-2005-1914",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-18T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/14144"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-0160 (GCVE-0-2007-0160)
Vulnerability from cvelistv5 – Published: 2007-01-10 00:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2129",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"refsource": "OSVDB",
"url": "http://osvdb.org/33408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0160",
"datePublished": "2007-01-10T00:00:00",
"dateReserved": "2007-01-09T00:00:00",
"dateUpdated": "2024-08-07T12:12:17.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3694 (GCVE-0-2005-3694)
Vulnerability from cvelistv5 – Published: 2005-11-20 20:00 – Updated: 2024-08-07 23:17
VLAI?
Summary
centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-3694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "centericq-zero-length-dos(23327)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=100519",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21270"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-3694",
"datePublished": "2005-11-20T20:00:00",
"dateReserved": "2005-11-20T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1852 (GCVE-0-2005-1852)
Vulnerability from cvelistv5 – Published: 2005-07-26 04:00 – Updated: 2024-08-07 22:06
VLAI?
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-1852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050721-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-1852",
"datePublished": "2005-07-26T04:00:00",
"dateReserved": "2005-06-06T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1914 (GCVE-0-2005-1914)
Vulnerability from cvelistv5 – Published: 2005-07-17 04:00 – Updated: 2024-09-16 23:35
VLAI?
Summary
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-17T04:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-1914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zataz.net/adviso/centericq-06152005.txt",
"refsource": "MISC",
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1914",
"datePublished": "2005-07-17T04:00:00Z",
"dateReserved": "2005-06-08T00:00:00Z",
"dateUpdated": "2024-09-16T23:35:53.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0160 (GCVE-0-2007-0160)
Vulnerability from nvd – Published: 2007-01-10 00:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2129",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"refsource": "OSVDB",
"url": "http://osvdb.org/33408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0160",
"datePublished": "2007-01-10T00:00:00",
"dateReserved": "2007-01-09T00:00:00",
"dateUpdated": "2024-08-07T12:12:17.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3694 (GCVE-0-2005-3694)
Vulnerability from nvd – Published: 2005-11-20 20:00 – Updated: 2024-08-07 23:17
VLAI?
Summary
centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-3694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "centericq-zero-length-dos(23327)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=100519",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21270"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-3694",
"datePublished": "2005-11-20T20:00:00",
"dateReserved": "2005-11-20T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1852 (GCVE-0-2005-1852)
Vulnerability from nvd – Published: 2005-07-26 04:00 – Updated: 2024-08-07 22:06
VLAI?
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-1852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050721-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-1852",
"datePublished": "2005-07-26T04:00:00",
"dateReserved": "2005-06-06T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1914 (GCVE-0-2005-1914)
Vulnerability from nvd – Published: 2005-07-17 04:00 – Updated: 2024-09-16 23:35
VLAI?
Summary
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-17T04:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-1914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zataz.net/adviso/centericq-06152005.txt",
"refsource": "MISC",
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1914",
"datePublished": "2005-07-17T04:00:00Z",
"dateReserved": "2005-06-08T00:00:00Z",
"dateUpdated": "2024-09-16T23:35:53.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}