Gopher Security Vulnerabilities

CVE-2024-24890

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files...

CVE-2019-9738

jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the...

CVE-2005-2772

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such....

CVE-2005-1853

gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain...

CVE-2002-0371

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long...