EUVD-2005-0967

Malware in sbrugna...

Gaim < 1.3.2 Multiple Vulnerabilities

Binary data 3160.prm...

GLSA-200503-03 : Gaim: Multiple Denial of Service issues

The remote host is affected by the vulnerability described in GLSA-200503-03 Gaim: Multiple Denial of Service issues Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly CAN-2005-0472. Malformed HTML code could lead to invalid memory accesses...

USN-85-1: Gaim vulnerabilities

The Gaim developers discovered that the HTML parser did not sufficiently validate its input. This allowed a remote attacker to crash the Gaim client by sending certain malformed HTML messages. CAN-2005-0208, CAN-2005-0473 Another lack of sufficient input validation was found in the "Oscar" protoc...

USN-8-1: gaim vulnerabilities

A buffer overflow and two remote crashes were recently discovered in gaim's MSN protocol handler. An attacker could potentially execute arbitrary code with the user's privileges by crafting and sending a particular MSN message...

GLSA-200410-23 : Gaim: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200410-23 Gaim: Multiple vulnerabilities A possible buffer overflow exists in the code processing MSN SLP messages CAN-2004-0891. memcpy was used without validating the size of the buffer, and an incorrect buffer was used as...

Mandrake Linux Security Advisory : gaim (MDKSA-2004:110)

More vulnerabilities have been discovered in the gaim instant messenger client. The vulnerabilities pertinent to version 0.75, which is the version shipped with Mandrakelinux 10.0, are: installing smiley themes could allow remote attackers to execute arbitrary commands via shell metacharacters in...

Gaim < 1.0.2 Multiple Vulnerabilities

Binary data 2366.prm...

gaim -- MSN denial-of-service vulnerabilities

The Gaim team discovered denial-of-service vulnerabilities in the MSN protocol handler: After accepting a file transfer request, Gaim will attempt to allocate a buffer of a size equal to the entire filesize, this allocation attempt will cause Gaim to crash if the size exceeds the amount of...

GLSA-200408-27 : Gaim: New vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200408-27 Gaim: New vulnerabilities Gaim fails to do proper bounds checking when: Handling MSN messages partially fixed with GLSA 200408-12. Handling rich text format messages. Resolving local hostname. Receiving long URLs. Handli...

GLSA-200401-04 : GAIM 0.75 Remote overflows

The remote host is affected by the vulnerability described in GLSA-200401-04 GAIM 0.75 Remote overflows Yahoo changed the authentication methods to their IM servers, rendering GAIM useless. The GAIM team released a rushed release solving this issue, however, at the same time a code audit revealed...

Gaim: New vulnerabilities

Background Gaim is a multi-protocol instant messaging client for Linux which supports many instant messaging protocols. Description Gaim fails to do proper bounds checking when: Handling MSN messages partially fixed with GLSA 200408-12. Handling rich text format messages. Resolving local hostname...

CVE-2004-0005

Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via 1 octal encoding in yahoodecode that causes a null byte to be written beyond the buffer, 2 octal encoding in yahoodecode that causes a pointer to reference memory...

[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 434-1 [email protected] http://www.debian.org/security/ Martin Schulze February 5th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 434-1] New gaim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 434-1 [email protected] http://www.debian.org/security/ Martin Schulze February 5th, 2004 http://www.debian.org/security/faq -...

Critical: Red Hat Security Advisory: : Updated Gaim packages fix various vulnerabiliies

Updated Gaim packages that fix a number of serious vulnerabilities are now available. Gaim is an instant messenger client that can handle multiple protocols. Stefan Esser audited the Gaim source code and found a number of bugs that have security implications. Due to the nature of instant messagin...

Advisory 01/2004: 12 x Gaim remote overflows

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: 12 x Gaim remote overflows Release Date: 2004/01/26 Last Modified: 2004/01/26 Author: Stefan Esser [email protected] Application: Gaim = 0.75 Severity: 12 vulnerabilities were found in the instant messenger GAIM that allow remot...

GAIM 0.75 Remote overflows

Background Gaim is a multi-platform and multi-protocol instant messaging client. It is compatible with AIM , ICQ, MSN Messenger, Yahoo, IRC, Jabber, Gadu-Gadu, and the Zephyr networks. Description Yahoo changed the authentication methods to their IM servers, rendering GAIM useless. The GAIM team...