CVE-2005-0473

2005-03-1405:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

gaim

html parsing

cve-2005-0473

denial of service

nvd

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.079 Low

EPSS

Percentile

94.2%

JSON

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes “an invalid memory access,” a different vulnerability than CVE-2005-0208.

CPENameOperatorVersion
rob_flynn:gaimrob flynn gaimeq1.1.2
rob_flynn:gaimrob flynn gaimeq1.0
rob_flynn:gaimrob flynn gaimeq1.0.1
rob_flynn:gaimrob flynn gaimeq1.1.1
redhat:enterprise_linuxredhat enterprise linuxeq4.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.1
mandrakesoft:mandrake_linux_corporate_servermandrakesoft mandrake linux corporate servereq3.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.0
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq4.0

CPE	Name	Operator	Version
rob_flynn:gaim	rob flynn gaim	eq	1.1.2
rob_flynn:gaim	rob flynn gaim	eq	1.0
rob_flynn:gaim	rob flynn gaim	eq	1.0.1
rob_flynn:gaim	rob flynn gaim	eq	1.1.1
redhat:enterprise_linux	redhat enterprise linux	eq	4.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.1
mandrakesoft:mandrake_linux_corporate_server	mandrakesoft mandrake linux corporate server	eq	3.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.0
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	4.0