Search criteria
4 vulnerabilities by centericq
CVE-2007-0160 (GCVE-0-2007-0160)
Vulnerability from cvelistv5 – Published: 2007-01-10 00:00 – Updated: 2024-08-07 12:12
VLAI
Summary
Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2129 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/21932 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/0306 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.gentoo.org/security/en/glsa/glsa-20070… | vendor-advisoryx_refsource_GENTOO |
| http://securitytracker.com/id?1017545 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/456255/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/33408 | vdb-entryx_refsource_OSVDB |
Date Public
2007-01-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2129",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2129",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2129"
},
{
"name": "21932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21932"
},
{
"name": "ADV-2007-0306",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0306"
},
{
"name": "centericq-username-bo(31330)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31330"
},
{
"name": "GLSA-200701-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-20.xml"
},
{
"name": "1017545",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017545"
},
{
"name": "20070107 TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456255/100/0/threaded"
},
{
"name": "33408",
"refsource": "OSVDB",
"url": "http://osvdb.org/33408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0160",
"datePublished": "2007-01-10T00:00:00.000Z",
"dateReserved": "2007-01-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:17.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3694 (GCVE-0-2005-3694)
Vulnerability from cvelistv5 – Published: 2005-11-20 20:00 – Updated: 2024-08-07 23:17
VLAI
Summary
centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://bugs.gentoo.org/show_bug.cgi?id=100519 | x_refsource_CONFIRM |
| http://security.gentoo.org/glsa/glsa-200512-11.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.osvdb.org/21270 | vdb-entryx_refsource_OSVDB |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/15649 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2005/dsa-912 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/17798 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/17818 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/18081 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2005-11-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "centericq-zero-length-dos(23327)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-3694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "centericq 4.20.0-r3 with \"Enable peer-to-peer communications\" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "centericq-zero-length-dos(23327)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23327"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=100519",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=100519"
},
{
"name": "GLSA-200512-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml"
},
{
"name": "21270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21270"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089"
},
{
"name": "15649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15649"
},
{
"name": "DSA-912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-912"
},
{
"name": "17798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17798"
},
{
"name": "17818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17818"
},
{
"name": "18081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-3694",
"datePublished": "2005-11-20T20:00:00.000Z",
"dateReserved": "2005-11-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1852 (GCVE-0-2005-1852)
Vulnerability from cvelistv5 – Published: 2005-07-26 04:00 – Updated: 2024-08-07 22:06
VLAI
Summary
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2005-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-1852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050721-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050721-1.txt"
},
{
"name": "16140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16140"
},
{
"name": "oval:org.mitre.oval:def:9532",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532"
},
{
"name": "GLSA-200507-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml"
},
{
"name": "14345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14345"
},
{
"name": "16242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16242"
},
{
"name": "GLSA-200507-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200507-23.xml"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "RHSA-2005:639",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-639.html"
},
{
"name": "FEDORA-2005-624",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/144724/"
},
{
"name": "16211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16211"
},
{
"name": "16155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-1852",
"datePublished": "2005-07-26T04:00:00.000Z",
"dateReserved": "2005-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:06:57.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1914 (GCVE-0-2005-1914)
Vulnerability from cvelistv5 – Published: 2005-07-17 04:00 – Updated: 2024-09-16 23:35
VLAI
Summary
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.zataz.net/adviso/centericq-06152005.txt | x_refsource_MISC |
| http://www.debian.org/security/2005/dsa-754 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/14144 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-17T04:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-1914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zataz.net/adviso/centericq-06152005.txt",
"refsource": "MISC",
"url": "http://www.zataz.net/adviso/centericq-06152005.txt"
},
{
"name": "DSA-754",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-754"
},
{
"name": "14144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1914",
"datePublished": "2005-07-17T04:00:00.000Z",
"dateReserved": "2005-06-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:35:53.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}