RedHatRHSA-2005:518(RHSA-2005:518) gaim security update
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.05 Low
EPSS
Percentile
92.0%
The Gaim application is a multi-protocol instant messaging client.
Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo! Messenger
file transfers. It is possible for a malicious user to send a specially
crafted file transfer request that causes Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1269 to this issue.
Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim parses
MSN Messenger messages. It is possible for a malicious user to send a
specially crafted MSN Messenger message that causes Gaim to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-1934 to this issue.
Users of gaim are advised to upgrade to this updated package, which contains
version 1.3.1 and is not vulnerable to these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | ppc | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.ppc.rpm |
| RedHat | 4 | ia64 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.ia64.rpm |
| RedHat | 4 | s390 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.s390.rpm |
| RedHat | 4 | s390x | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.s390x.rpm |
| RedHat | 4 | i386 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.i386.rpm |
| RedHat | 4 | src | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.src.rpm |
| RedHat | 4 | x86_64 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.x86_64.rpm |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.05 Low
EPSS
Percentile
92.0%