7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.641 Medium
EPSS
Percentile
97.5%
Gaim is an Internet Messaging client.
A heap based buffer overflow issue was discovered in the way Gaim processes
away messages. A remote attacker could send a specially crafted away
message to a Gaim user logged into AIM or ICQ that could result in
arbitrary code execution. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.
Daniel Atallah discovered a denial of service issue in Gaim. A remote
attacker could attempt to upload a file with a specially crafted name to a
user logged into AIM or ICQ, causing Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2102 to this issue.
A denial of service bug was found in Gaim’s Gadu Gadu protocol handler. A
remote attacker could send a specially crafted message to a Gaim user
logged into Gadu Gadu, causing Gaim to crash. Please note that this issue
only affects PPC and IBM S/390 systems running Gaim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2370 to this issue.
Users of gaim are advised to upgrade to this updated package, which
contains backported patches and is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | src | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.src.rpm |
RedHat | 4 | ia64 | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.ia64.rpm |
RedHat | 4 | x86_64 | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.x86_64.rpm |
RedHat | 4 | s390x | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.s390x.rpm |
RedHat | 4 | ppc | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.ppc.rpm |
RedHat | 4 | s390 | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.s390.rpm |
RedHat | 4 | i386 | gaim | < 1.3.1-0.el4.3 | gaim-1.3.1-0.el4.3.i386.rpm |