All the vulnerabilites related to rob_flynn - gaim
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read."
}
],
"id": "CVE-2005-0967",
"lastModified": "2024-11-20T23:56:17.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1013645"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13004"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1013645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector."
},
{
"lang": "es",
"value": "La funcionalidad de temas de iconos gestuales (smileys) de Gaim anteriores a 0.82 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante metacaract\u00e9res de shell en el nombre del fichero o del fichero tar que es arrastrado al selector del icono."
}
],
"id": "CVE-2004-0784",
"lastModified": "2024-11-20T23:49:23.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-19 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2CA84A-79B4-46B3-82A2-EF3DA1338B0A",
"versionEndIncluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error."
}
],
"id": "CVE-2005-1934",
"lastModified": "2024-11-20T23:58:26.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-19T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13932"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-09-24 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link."
}
],
"id": "CVE-2002-0989",
"lastModified": "2024-11-20T23:40:20.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-09-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"source": "cve@mitre.org",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-158"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5033"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5574"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| rob_flynn | gaim | 0.78 | |
| rob_flynn | gaim | 0.82 | |
| rob_flynn | gaim | 0.82.1 | |
| rob_flynn | gaim | 1.0 | |
| rob_flynn | gaim | 1.0.1 | |
| gentoo | linux | * | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | current | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF25C4-A89D-4FBC-8EBE-89B502369A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
],
"id": "CVE-2004-0891",
"lastModified": "2024-11-20T23:49:37.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains \"(\" or \")\" (parenthesis) characters."
}
],
"id": "CVE-2005-0573",
"lastModified": "2024-11-20T23:55:25.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013300"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-05-29 04:00
Modified
2024-11-20 23:38
Severity ?
Summary
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files."
}
],
"id": "CVE-2002-0377",
"lastModified": "2024-11-20T23:38:56.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-05-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9061.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9061.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4730"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Gaim anteriores a 0.82 permite a atacantes remotos causar una dengaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) mensajes en Formato de Texto Enriquecido (RTF), (2) un nombre de m\u00e1quina largo obtenido del DNS, o (3) una URL larga que no es manejada adecuadamente por el decodificador de URL."
}
],
"id": "CVE-2004-0785",
"lastModified": "2024-11-20T23:49:24.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"source": "cve@mitre.org",
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"source": "cve@mitre.org",
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12383"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12480"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12929"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13101"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9261"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9262"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9263"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions."
}
],
"id": "CVE-2005-0966",
"lastModified": "2024-11-20T23:56:17.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13003"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-16 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97BB3FC7-C33B-4FA6-84F9-5894DFAB7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93EBDBD2-D687-4680-998A-3C89477EC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97B13807-C799-4589-9546-2680D122C5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F91275-123E-412C-AA15-B2010D656D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA41A48-DCDE-4DB9-BE38-FC255A712478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7051327C-FB24-45C8-BF62-BD88DA838911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9260E414-FB80-4872-B158-F9FA77733794",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters."
}
],
"id": "CVE-2005-2102",
"lastModified": "2024-11-20T23:58:48.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-16T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/14531"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/168-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/168-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read."
}
],
"id": "CVE-2005-0965",
"lastModified": "2024-11-20T23:56:17.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12999"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-14 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 1.0 | |
| rob_flynn | gaim | 1.0.1 | |
| rob_flynn | gaim | 1.1.1 | |
| rob_flynn | gaim | 1.1.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0208."
}
],
"id": "CVE-2005-0473",
"lastModified": "2024-11-20T23:55:13.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-14T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "secalert@redhat.com",
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/14322"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12589"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-11 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| rob_flynn | gaim | 0.76 | |
| rob_flynn | gaim | 0.77 | |
| rob_flynn | gaim | 0.78 | |
| rob_flynn | gaim | 0.79 | |
| rob_flynn | gaim | 0.80 | |
| rob_flynn | gaim | 0.81 | |
| rob_flynn | gaim | 0.82 | |
| rob_flynn | gaim | 0.82.1 | |
| rob_flynn | gaim | 1.0.0 | |
| rob_flynn | gaim | 1.0.1 | |
| rob_flynn | gaim | 1.0.2 | |
| rob_flynn | gaim | 1.0.3 | |
| rob_flynn | gaim | 1.1.0 | |
| rob_flynn | gaim | 1.1.1 | |
| rob_flynn | gaim | 1.1.2 | |
| rob_flynn | gaim | 1.1.3 | |
| rob_flynn | gaim | 1.1.4 | |
| rob_flynn | gaim | 1.2.0 | |
| rob_flynn | gaim | 1.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC19763-0085-4633-A370-FECB86F90C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7A6C84-66CB-45E5-972B-CFF6D82D5767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*",
"matchCriteriaId": "A50DB77D-DF16-4596-826B-C30F2F0CDC07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF490A8-67ED-4330-A230-98CB60A16B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "8143534B-FADA-496F-9252-7D8F27407464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF25C4-A89D-4FBC-8EBE-89B502369A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97BB3FC7-C33B-4FA6-84F9-5894DFAB7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93EBDBD2-D687-4680-998A-3C89477EC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97B13807-C799-4589-9546-2680D122C5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F91275-123E-412C-AA15-B2010D656D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA41A48-DCDE-4DB9-BE38-FC255A712478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7051327C-FB24-45C8-BF62-BD88DA838911",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL."
}
],
"id": "CVE-2005-1261",
"lastModified": "2024-11-20T23:56:57.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-11T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13590"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| rob_flynn | gaim | 0.76 | |
| rob_flynn | gaim | 0.77 | |
| rob_flynn | gaim | 0.78 | |
| rob_flynn | gaim | 0.79 | |
| rob_flynn | gaim | 0.80 | |
| rob_flynn | gaim | 0.81 | |
| rob_flynn | gaim | 0.82 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC19763-0085-4633-A370-FECB86F90C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7A6C84-66CB-45E5-972B-CFF6D82D5767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*",
"matchCriteriaId": "A50DB77D-DF16-4596-826B-C30F2F0CDC07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF490A8-67ED-4330-A230-98CB60A16B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "8143534B-FADA-496F-9252-7D8F27407464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory."
}
],
"id": "CVE-2004-2589",
"lastModified": "2024-11-20T23:53:44.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12383"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9264"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-16 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC19763-0085-4633-A370-FECB86F90C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7A6C84-66CB-45E5-972B-CFF6D82D5767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*",
"matchCriteriaId": "A50DB77D-DF16-4596-826B-C30F2F0CDC07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF490A8-67ED-4330-A230-98CB60A16B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "8143534B-FADA-496F-9252-7D8F27407464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF25C4-A89D-4FBC-8EBE-89B502369A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97BB3FC7-C33B-4FA6-84F9-5894DFAB7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93EBDBD2-D687-4680-998A-3C89477EC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97B13807-C799-4589-9546-2680D122C5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F91275-123E-412C-AA15-B2010D656D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA41A48-DCDE-4DB9-BE38-FC255A712478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7051327C-FB24-45C8-BF62-BD88DA838911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9260E414-FB80-4872-B158-F9FA77733794",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name."
}
],
"id": "CVE-2005-1269",
"lastModified": "2024-11-20T23:56:58.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-06-16T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13931"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/139-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/139-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F91275-123E-412C-AA15-B2010D656D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0473."
}
],
"id": "CVE-2005-0208",
"lastModified": "2024-11-20T23:54:38.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14386"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12660"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:38
Severity ?
Summary
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el plug-in Jabber en el cliente Gaim anteriores a 0.589 permite a atacantes ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2002-0384",
"lastModified": "2024-11-20T23:38:57.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9766.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3729"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9766.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5406"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-07-26 04:00
Modified
2024-11-20 23:59
Severity ?
Summary
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ekg:ekg:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74A32270-8C65-4ED4-96CB-B389B97587A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17988E27-6C98-48B4-8779-4EF69E8DBD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12FCB0EE-8BCE-4E68-B78D-A57E8E9DEC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D723B90C-9746-4F94-A8A3-273240A2CBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:1.6_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A4DE4D-6521-49DF-917A-7621CABA3D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:2005-04-11:*:*:*:*:*:*:*",
"matchCriteriaId": "0288DF54-4271-42AD-8985-07440A7CFBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ekg:ekg:2005-06-05:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1B9704-DBF5-4973-9E37-D6D904B15626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA6DFFE-838F-4E5D-AD19-77201AAFDED1",
"versionEndIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message."
},
{
"lang": "es",
"value": "M\u00faltiples \"errores de alineamiento de memoria\" en libgadu, usado en ekg anterior a la 1.5rc2, Gaim anteriores a 1.5.0 y otros paquetes permite que atacantes remotos causen una denegaci\u00f3n de servicio (error de bus) en ciertas arquitecturas, tales como SPACRC, mediante un mensaje de entrada."
}
],
"id": "CVE-2005-2370",
"lastModified": "2024-11-20T23:59:23.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-26T04:00:00.000",
"references": [
{
"source": "security@debian.org",
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16265"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"source": "security@debian.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/24600"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en Gaim anteriores a 0.82 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una la varible de tama\u00f1o en mensajes de servidor Groupware."
}
],
"id": "CVE-2004-0754",
"lastModified": "2024-11-20T23:49:19.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12383"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12480"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13101"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9260"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | * | |
| ultramagnetic | ultramagnetic | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0207F046-59D5-4F9B-89FC-E789D83D939C",
"versionEndIncluding": "0.75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ultramagnetic:ultramagnetic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A512FDD-F4A5-455F-B0B0-9F35EE432586",
"versionEndIncluding": "0.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Gaim 0.75 y anteriores, y Ultramagnetic anteriores a de 0.81, permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0006",
"lastModified": "2024-11-20T23:47:34.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3731"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3732"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-14 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 1.0 | |
| rob_flynn | gaim | 1.0.1 | |
| rob_flynn | gaim | 1.1.1 | |
| rob_flynn | gaim | 1.1.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ."
}
],
"id": "CVE-2005-0472",
"lastModified": "2024-11-20T23:55:12.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-14T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/14322"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12589"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | * | |
| ultramagnetic | ultramagnetic | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0D1E45-C32E-45C0-9AA2-130186618993",
"versionEndIncluding": "0.74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ultramagnetic:ultramagnetic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A512FDD-F4A5-455F-B0B0-9F35EE432586",
"versionEndIncluding": "0.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la Funci\u00f3n Extract Info Field en los manejadores de protocolos de MSN e YMSG en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0007",
"lastModified": "2024-11-20T23:47:34.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3733"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag."
}
],
"id": "CVE-2000-1172",
"lastModified": "2024-11-20T23:34:10.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1948"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-11 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| rob_flynn | gaim | 0.76 | |
| rob_flynn | gaim | 0.77 | |
| rob_flynn | gaim | 0.78 | |
| rob_flynn | gaim | 0.79 | |
| rob_flynn | gaim | 0.80 | |
| rob_flynn | gaim | 0.81 | |
| rob_flynn | gaim | 0.82 | |
| rob_flynn | gaim | 0.82.1 | |
| rob_flynn | gaim | 1.0.0 | |
| rob_flynn | gaim | 1.0.1 | |
| rob_flynn | gaim | 1.0.2 | |
| rob_flynn | gaim | 1.0.3 | |
| rob_flynn | gaim | 1.1.0 | |
| rob_flynn | gaim | 1.1.1 | |
| rob_flynn | gaim | 1.1.2 | |
| rob_flynn | gaim | 1.1.3 | |
| rob_flynn | gaim | 1.1.4 | |
| rob_flynn | gaim | 1.2.0 | |
| rob_flynn | gaim | 1.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC19763-0085-4633-A370-FECB86F90C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7A6C84-66CB-45E5-972B-CFF6D82D5767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*",
"matchCriteriaId": "A50DB77D-DF16-4596-826B-C30F2F0CDC07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF490A8-67ED-4330-A230-98CB60A16B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "8143534B-FADA-496F-9252-7D8F27407464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF25C4-A89D-4FBC-8EBE-89B502369A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97BB3FC7-C33B-4FA6-84F9-5894DFAB7B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "93EBDBD2-D687-4680-998A-3C89477EC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97B13807-C799-4589-9546-2680D122C5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F91275-123E-412C-AA15-B2010D656D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF6F9FB-C9DA-44BB-9AF7-E8D828788873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA41A48-DCDE-4DB9-BE38-FC255A712478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EFC670-8B21-4ABC-B656-989FEF3FE7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7051327C-FB24-45C8-BF62-BD88DA838911",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message."
}
],
"id": "CVE-2005-1262",
"lastModified": "2024-11-20T23:56:57.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-11T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13591"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| gentoo | linux | 1.4 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en los conectores de protocolo MSN (1) object.c y (2) slp.c en Gaim anteriores a 0.83 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante mensajes de protocolo MSNSLP que no son manejados adecuadamene por una llamada strncpy."
}
],
"id": "CVE-2004-0500",
"lastModified": "2024-11-20T23:48:43.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"source": "cve@mitre.org",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10865"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | * | |
| ultramagnetic | ultramagnetic | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0D1E45-C32E-45C0-9AA2-130186618993",
"versionEndIncluding": "0.74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ultramagnetic:ultramagnetic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A512FDD-F4A5-455F-B0B0-9F35EE432586",
"versionEndIncluding": "0.81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2004-0008",
"lastModified": "2024-11-20T23:47:34.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3734"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2004-0891
Vulnerability from cvelistv5
Published
2004-10-21 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17787 | vdb-entry, x_refsource_XF | |
| https://bugzilla.fedora.us/show_bug.cgi?id=2188 | vendor-advisory, x_refsource_FEDORA | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml | vendor-advisory, x_refsource_GENTOO | |
| http://gaim.sourceforge.net/security/?id=9 | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790 | vdb-entry, signature, x_refsource_OVAL | |
| https://www.ubuntu.com/usn/usn-8-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17790 | vdb-entry, x_refsource_XF | |
| http://www.redhat.com/support/errata/RHSA-2004-604.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17786 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-msn-slp-dos(17787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=9",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0891",
"datePublished": "2004-10-21T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0784
Vulnerability from cvelistv5
Published
2004-09-02 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.fedoranews.org/updates/FEDORA-2004-278.shtml | vendor-advisory, x_refsource_FEDORA | |
| http://www.fedoranews.org/updates/FEDORA-2004-279.shtml | vendor-advisory, x_refsource_FEDORA | |
| http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml | vendor-advisory, x_refsource_GENTOO | |
| http://gaim.sourceforge.net/security/?id=1 | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2004-400.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17144 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=1",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0784",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-08-17T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0754
Vulnerability from cvelistv5
Published
2004-09-02 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10220",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10220",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:10220",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=2",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0754",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-07-26T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-1172
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1948 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1172",
"datePublished": "2000-12-19T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0005
Vulnerability from cvelistv5
Published
2004-02-03 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-mime-decoder-oob(14944)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-mime-decoder-oob(14944)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-mime-decoder-oob(14944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0005",
"datePublished": "2004-02-03T05:00:00",
"dateReserved": "2004-01-05T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0966
Vulnerability from cvelistv5
Published
2005-04-04 04:00
Modified
2024-08-07 21:35
Severity ?
EPSS score ?
Summary
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:9185",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "gaim-ircmsginvite-dos(19939)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"name": "13003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"name": "gaim-irc-plugin-bo(19937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:9185",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "gaim-ircmsginvite-dos(19939)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"name": "13003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"name": "gaim-irc-plugin-bo(19937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0966",
"datePublished": "2005-04-04T04:00:00",
"dateReserved": "2005-04-04T00:00:00",
"dateUpdated": "2024-08-07T21:35:58.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0965
Vulnerability from cvelistv5
Published
2005-04-04 04:00
Modified
2024-08-07 21:35
Severity ?
EPSS score ?
Summary
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:071 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/14815 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/12999 | vdb-entry, x_refsource_BID | |
| http://www.redhat.com/support/errata/RHSA-2005-365.html | vendor-advisory, x_refsource_REDHAT | |
| http://marc.info/?l=bugtraq&m=111238715307356&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://gaim.sourceforge.net/security/index.php?id=13 | x_refsource_CONFIRM | |
| http://www.novell.com/linux/security/advisories/2005_36_sudo.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:11292",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "12999",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12999"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:11292",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "12999",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12999"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0965",
"datePublished": "2005-04-04T04:00:00",
"dateReserved": "2005-04-04T00:00:00",
"dateUpdated": "2024-08-07T21:35:58.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2589
Vulnerability from cvelistv5
Published
2005-11-28 23:00
Modified
2024-08-08 01:29
Severity ?
EPSS score ?
Summary
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17150 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/9264 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1011083 | vdb-entry, x_refsource_SECTRACK | |
| http://gaim.sourceforge.net/security/?id=6 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11056 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/12383 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:14.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-content-length-dos(17150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-content-length-dos(17150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-content-length-dos(17150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "http://gaim.sourceforge.net/security/?id=6",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2589",
"datePublished": "2005-11-28T23:00:00",
"dateReserved": "2005-11-28T00:00:00",
"dateUpdated": "2024-08-08T01:29:14.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0007
Vulnerability from cvelistv5
Published
2004-01-29 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0007",
"datePublished": "2004-01-29T05:00:00",
"dateReserved": "2004-01-05T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0006
Vulnerability from cvelistv5
Published
2004-01-29 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0006",
"datePublished": "2004-01-29T05:00:00",
"dateReserved": "2004-01-05T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0500
Vulnerability from cvelistv5
Published
2004-09-02 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:15.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10865"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10865"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=0",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10865"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0500",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-05-27T00:00:00",
"dateUpdated": "2024-08-08T00:17:15.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0384
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 02:49
Severity ?
EPSS score ?
Summary
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2002-107.html | vendor-advisory, x_refsource_REDHAT | |
| http://online.securityfocus.com/advisories/4358 | vendor-advisory, x_refsource_HP | |
| http://www.redhat.com/support/errata/RHSA-2002-122.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/5406 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/3729 | vdb-entry, x_refsource_OSVDB | |
| http://www.redhat.com/support/errata/RHSA-2002-098.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2003-156.html | vendor-advisory, x_refsource_REDHAT | |
| http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.iss.net/security_center/static/9766.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9766.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9766.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:107",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9766.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0384",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-05-22T00:00:00",
"dateUpdated": "2024-08-08T02:49:27.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1261
Vulnerability from cvelistv5
Published
2005-05-11 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/13590 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.vupen.com/english/advisories/2005/0519 | vdb-entry, x_refsource_VUPEN | |
| http://gaim.sourceforge.net/security/index.php?id=16 | x_refsource_CONFIRM | |
| http://www.redhat.com/support/errata/RHSA-2005-429.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2005-432.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13590"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "13590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13590"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1261",
"datePublished": "2005-05-11T04:00:00",
"dateReserved": "2005-04-25T00:00:00",
"dateUpdated": "2024-08-07T21:44:06.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0989
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020827 GLSA: gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-158"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020827 GLSA: gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-158"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020827 GLSA: gaim",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"name": "http://gaim.sourceforge.net/ChangeLog",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-158"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0989",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0208
Vulnerability from cvelistv5
Published
2005-02-28 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#795812",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0473."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#795812",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0473."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#795812",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "http://gaim.sourceforge.net/security/?id=12",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0208",
"datePublished": "2005-02-28T05:00:00",
"dateReserved": "2005-02-01T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2102
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-07 22:15
Severity ?
EPSS score ?
Summary
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.novell.com/linux/security/advisories/2005_19_sr.html | vendor-advisory, x_refsource_SUSE | |
| http://gaim.sourceforge.net/security/?id=21 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/14531 | vdb-entry, x_refsource_BID | |
| https://usn.ubuntu.com/168-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "oval:org.mitre.oval:def:9283",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "oval:org.mitre.oval:def:9283",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2102",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-06-30T00:00:00",
"dateUpdated": "2024-08-07T22:15:37.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2370
Vulnerability from cvelistv5
Published
2005-07-26 04:00
Modified
2024-08-07 22:22
Severity ?
EPSS score ?
Summary
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://gaim.sourceforge.net/security/index.php?id=20 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/24600 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=112198499417250&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/16265 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.debian.org/security/2005/dsa-813 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.debian.org/security/2007/dsa-1318 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:49.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-2370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gaim.sourceforge.net/security/index.php?id=20",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-2370",
"datePublished": "2005-07-26T04:00:00",
"dateReserved": "2005-07-26T00:00:00",
"dateUpdated": "2024-08-07T22:22:49.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0008
Vulnerability from cvelistv5
Published
2004-01-29 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0008",
"datePublished": "2004-01-29T05:00:00",
"dateReserved": "2004-01-05T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2103
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-07 22:15
Severity ?
EPSS score ?
Summary
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
References
| ▼ | URL | Tags |
|---|---|---|
| http://gaim.sourceforge.net/security/?id=22 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.novell.com/linux/security/advisories/2005_19_sr.html | vendor-advisory, x_refsource_SUSE | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/14531 | vdb-entry, x_refsource_BID | |
| https://usn.ubuntu.com/168-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2005-589.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=22"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "RHSA-2005:589",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-589.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=22"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "RHSA-2005:589",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-589.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2103",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-06-30T00:00:00",
"dateUpdated": "2024-08-07T22:15:37.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1269
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:06.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"name": "oval:org.mitre.oval:def:744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"name": "oval:org.mitre.oval:def:9544",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"name": "13931",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13931"
},
{
"name": "USN-139-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/139-1/"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"name": "oval:org.mitre.oval:def:744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"name": "oval:org.mitre.oval:def:9544",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"name": "13931",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13931"
},
{
"name": "USN-139-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/139-1/"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1269",
"datePublished": "2005-06-14T04:00:00",
"dateReserved": "2005-04-25T00:00:00",
"dateUpdated": "2024-08-07T21:44:06.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1262
Vulnerability from cvelistv5
Published
2005-05-11 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/13591 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2005/0519 | vdb-entry, x_refsource_VUPEN | |
| http://gaim.sourceforge.net/security/index.php?id=17 | x_refsource_CONFIRM | |
| http://www.redhat.com/support/errata/RHSA-2005-429.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.novell.com/linux/security/advisories/2005_36_sudo.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:05.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "13591",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13591"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10861",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "13591",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13591"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10861",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1262",
"datePublished": "2005-05-11T04:00:00",
"dateReserved": "2005-04-25T00:00:00",
"dateUpdated": "2024-08-07T21:44:05.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0785
Vulnerability from cvelistv5
Published
2004-09-02 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12480"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12480"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9261",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=5",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12480"
},
{
"name": "http://gaim.sourceforge.net/security/?id=3",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "http://gaim.sourceforge.net/security/?id=4",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0785",
"datePublished": "2004-09-02T04:00:00",
"dateReserved": "2004-08-17T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0472
Vulnerability from cvelistv5
Published
2005-02-19 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#839280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"name": "oval:org.mitre.oval:def:10433",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "gaim-snac-dos(19380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"name": "DSA-716",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#839280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"name": "oval:org.mitre.oval:def:10433",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "gaim-snac-dos(19380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"name": "DSA-716",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0472",
"datePublished": "2005-02-19T05:00:00",
"dateReserved": "2005-02-19T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0967
Vulnerability from cvelistv5
Published
2005-04-06 04:00
Modified
2024-08-07 21:35
Severity ?
EPSS score ?
Summary
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:071 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://sourceforge.net/tracker/?func=detail&aid=1172115&group_id=235&atid=100235 | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657 | vdb-entry, signature, x_refsource_OVAL | |
| http://gaim.sourceforge.net/security/?id=15 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/14815 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.redhat.com/support/errata/RHSA-2005-365.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/13004 | vdb-entry, x_refsource_BID | |
| http://www.novell.com/linux/security/advisories/2005_36_sudo.html | vendor-advisory, x_refsource_SUSE | |
| http://securitytracker.com/id?1013645 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:9657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "13004",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13004"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"name": "1013645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:9657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "13004",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13004"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"name": "1013645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013645"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0967",
"datePublished": "2005-04-06T04:00:00",
"dateReserved": "2005-04-05T00:00:00",
"dateUpdated": "2024-08-07T21:35:58.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0377
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:49
Severity ?
EPSS score ?
Summary
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=102130733815285&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/4730 | vdb-entry, x_refsource_BID | |
| http://gaim.sourceforge.net/ChangeLog | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html | mailing-list, x_refsource_VULN-DEV | |
| http://www.iss.net/security_center/static/9061.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020512 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9061.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020512 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9061.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020512 Gaim abritary Email Reading",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4730"
},
{
"name": "http://gaim.sourceforge.net/ChangeLog",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"refsource": "VULN-DEV",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9061.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0377",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-14T00:00:00",
"dateUpdated": "2024-08-08T02:49:27.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0573
Vulnerability from cvelistv5
Published
2005-02-27 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=full-disclosure&m=110928380421841&w=2 | mailing-list, x_refsource_FULLDISC | |
| http://securitytracker.com/id?1013300 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050224 GAIM exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains \"(\" or \")\" (parenthesis) characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050224 GAIM exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains \"(\" or \")\" (parenthesis) characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050224 GAIM exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0573",
"datePublished": "2005-02-27T05:00:00",
"dateReserved": "2005-02-27T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0473
Vulnerability from cvelistv5
Published
2005-02-19 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10212",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#523888",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "gaim-html-dos(19381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0208."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10212",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#523888",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "gaim-html-dos(19381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0473",
"datePublished": "2005-02-19T05:00:00",
"dateReserved": "2005-02-19T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1934
Vulnerability from cvelistv5
Published
2005-06-09 04:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/13932 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/426078/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:099 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2005-518.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2005/dsa-734 | vendor-advisory, x_refsource_DEBIAN | |
| http://sourceforge.net/tracker/index.php?func=detail&aid=1205290&group_id=235&atid=100235 | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368 | vdb-entry, signature, x_refsource_OVAL | |
| http://security.gentoo.org/glsa/glsa-200506-11.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.novell.com/linux/security/advisories/2005_36_sudo.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:263",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
},
{
"name": "13932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13932"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:10368",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:263",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
},
{
"name": "13932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13932"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:10368",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1934",
"datePublished": "2005-06-09T04:00:00",
"dateReserved": "2005-06-09T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}