Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0005
HistoryMar 03, 2004 - 5:00 a.m.

CVE-2004-0005

2004-03-0305:00:00
CWE-193
[email protected]
web.nvd.nist.gov
28
cve
buffer overflow
gaim
remote attack
denial of service
arbitrary code execution

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.42 Medium

EPSS

Percentile

97.3%

JSON

Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.

References

Related

cert 4
suse 1
debian 2
openvas 6
nessus 3
freebsd 1
securityvulns 1
osv 1
cert
cert
Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function
2004-04-30 00:00:00
Gaim contains a buffer overflow vulnerability in the yahoo_decode() function
2004-04-30 00:00:00
Gaim contains an off-by-one buffer overflow vulnerability in the yahoo_decode() function
2004-04-30 00:00:00
suse
suse
remote system compromise in gaim
2004-01-29 12:56:32
debian
debian
[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities
2004-02-05 14:06:18
[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities
2004-02-05 14:06:18
openvas
openvas
Debian Security Advisory DSA 434-1 (gaim)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200401-04 (GAIM)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-434)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-434-1 : gaim - several vulnerabilities
2004-09-29 00:00:00
FreeBSD : Several remotely exploitable buffer overflows in gaim (6fd02439-5d70-11d8-80e3-0020ed76ef5a)
2009-04-23 00:00:00
FreeBSD : Several remotely exploitable buffer overflows in gaim (52)
2004-07-06 00:00:00
freebsd
freebsd
Several remotely exploitable buffer overflows in gaim
2004-01-26 00:00:00
securityvulns
securityvulns
Advisory 01/2004: 12 x Gaim remote overflows
2004-01-26 00:00:00
osv
osv
gaim - several vulnerabilities
2004-02-05 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.42 Medium

EPSS

Percentile

97.3%

JSON
Related for CVE-2004-0005
cert4suse1debian2openvas6nessus3freebsd1securityvulns1osv1