Gaim msn_import_html() Function Overflow

2004-08-05T01:36:05
ID OSVDB:8962
Type osvdb
Reporter Sebastian Krahmer(krahmer@suse.de)
Modified 2004-08-05T01:36:05

Description

Vulnerability Description

A local overflow exists in gaim. The issue is due to unbounded recursive msn_import_html() function calls resulting in a stack overflow. With a specially crafted request, an attacker can cause the application to crash or execute arbitrary code resulting in a loss of availability or integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A local overflow exists in gaim. The issue is due to unbounded recursive msn_import_html() function calls resulting in a stack overflow. With a specially crafted request, an attacker can cause the application to crash or execute arbitrary code resulting in a loss of availability or integrity.

References:

Vendor URL: http://gaim.sourceforge.net/ Vendor Specific Advisory URL Security Tracker: 1010872 Secunia Advisory ID:13101 Secunia Advisory ID:12292 Secunia Advisory ID:12287 Secunia Advisory ID:12382 Secunia Advisory ID:12282 Secunia Advisory ID:12383 Secunia Advisory ID:12125 Related OSVDB ID: 8382 Related OSVDB ID: 8961 Other Advisory URL: http://www.suse.de/de/security/2004_25_gaim.html Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:081 Other Advisory URL: http://security.gentoo.org/glsa/glsa-200408-12.xml Other Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.375602 Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000884 Nessus Plugin ID:14267 Nessus Plugin ID:14330 Nessus Plugin ID:14264 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0188.html ISS X-Force ID: 16920 CVE-2004-0500