Gaim@0.57 Security Vulnerabilities and Issues — Gaim@0.57 CVE List

Lucene search

Rob FlynnGaim0.57

12 matches found

CVE•added 2005/01/27 5:0 a.m.•67 views

CVE-2004-0891

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer...

10CVSS8AI score0.05439EPSS

CVE•added 2004/09/28 4:0 a.m.•58 views

CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

7.5CVSS7.7AI score0.03264EPSS

CVE•added 2004/10/20 4:0 a.m.•58 views

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL dec...

7.5CVSS7.5AI score0.06299EPSS

CVE•added 2004/10/20 4:0 a.m.•53 views

CVE-2004-0784

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

7.5CVSS7.3AI score0.01272EPSS

CVE•added 2005/06/16 4:0 a.m.•52 views

CVE-2005-1269

Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.

5CVSS8.9AI score0.02512EPSS

CVE•added 2004/10/20 4:0 a.m.•50 views

CVE-2004-0754

Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.

7.5CVSS7.6AI score0.05597EPSS

CVE•added 2005/05/11 4:0 a.m.•50 views

CVE-2005-1261

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

7.5CVSS7.7AI score0.1624EPSS

CVE•added 2005/11/28 11:0 p.m.•43 views

CVE-2004-2589

Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.

5CVSS6.6AI score0.00787EPSS

CVE•added 2005/05/11 4:0 a.m.•43 views

CVE-2005-1262

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.

5CVSS6.2AI score0.01271EPSS

CVE•added 2003/04/02 5:0 a.m.•40 views

CVE-2002-0377

Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.

2.1CVSS6.1AI score0.00115EPSS

CVE•added 2004/09/01 4:0 a.m.•35 views

CVE-2002-0384

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.

7.5CVSS7.7AI score0.0611EPSS

CVE•added 2003/04/02 5:0 a.m.•35 views

CVE-2002-0989

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.

7.5CVSS7.2AI score0.0495EPSS