Search criteria
28 vulnerabilities by rob_flynn
CVE-2004-2589 (GCVE-0-2004-2589)
Vulnerability from cvelistv5 – Published: 2005-11-28 23:00 – Updated: 2024-08-08 01:29
VLAI
Summary
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/9264 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1011083 | vdb-entryx_refsource_SECTRACK |
| http://gaim.sourceforge.net/security/?id=6 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/11056 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/12383 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2004-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:14.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-content-length-dos(17150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-content-length-dos(17150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-content-length-dos(17150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17150"
},
{
"name": "9264",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9264"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "http://gaim.sourceforge.net/security/?id=6",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=6"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2589",
"datePublished": "2005-11-28T23:00:00.000Z",
"dateReserved": "2005-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:29:14.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2102 (GCVE-0-2005-2102)
Vulnerability from cvelistv5 – Published: 2005-08-16 04:00 – Updated: 2024-08-07 22:15
VLAI
Summary
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://gaim.sourceforge.net/security/?id=21 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/14531 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/168-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2005-08-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "oval:org.mitre.oval:def:9283",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=21"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "oval:org.mitre.oval:def:9283",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2102",
"datePublished": "2005-08-16T04:00:00.000Z",
"dateReserved": "2005-06-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:15:37.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2103 (GCVE-0-2005-2103)
Vulnerability from cvelistv5 – Published: 2005-08-16 04:00 – Updated: 2025-01-16 19:43
VLAI
Summary
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://gaim.sourceforge.net/security/?id=22 | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.securityfocus.com/bid/14531 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/168-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2005-589.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2005-08-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=22"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "RHSA-2005:589",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-589.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2005-2103",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T21:54:23.938897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "CWE-131 Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T19:43:45.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=22"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "SUSE-SR:2005:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "oval:org.mitre.oval:def:11477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477"
},
{
"name": "14531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "RHSA-2005:589",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-589.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2103",
"datePublished": "2005-08-16T04:00:00.000Z",
"dateReserved": "2005-06-30T00:00:00.000Z",
"dateUpdated": "2025-01-16T19:43:45.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2370 (GCVE-0-2005-2370)
Vulnerability from cvelistv5 – Published: 2005-07-26 04:00 – Updated: 2024-08-07 22:22
VLAI
Summary
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://gaim.sourceforge.net/security/index.php?id=20 | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/24600 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=112198499417250&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/16265 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2005/dsa-813 | vendor-advisoryx_refsource_DEBIAN |
| http://www.debian.org/security/2007/dsa-1318 | vendor-advisoryx_refsource_DEBIAN |
| http://www.redhat.com/support/errata/RHSA-2005-627.html | vendor-advisoryx_refsource_REDHAT |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2005-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:49.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-2370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gaim.sourceforge.net/security/index.php?id=20",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/index.php?id=20"
},
{
"name": "FLSA:158543",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "24600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24600"
},
{
"name": "20050721 Multiple vulnerabilities in libgadu and ekg package",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112198499417250\u0026w=2"
},
{
"name": "16265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16265"
},
{
"name": "DSA-813",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-813"
},
{
"name": "DSA-1318",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1318"
},
{
"name": "RHSA-2005:627",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "oval:org.mitre.oval:def:10456",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-2370",
"datePublished": "2005-07-26T04:00:00.000Z",
"dateReserved": "2005-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:22:49.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1269 (GCVE-0-2005-1269)
Vulnerability from cvelistv5 – Published: 2005-06-14 04:00 – Updated: 2024-08-07 21:44
VLAI
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://gaim.sourceforge.net/security/?id=18 | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.redhat.com/support/errata/RHSA-2005-518.html | vendor-advisoryx_refsource_REDHAT |
| http://www.debian.org/security/2005/dsa-734 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/13931 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/139-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://security.gentoo.org/glsa/glsa-200506-11.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:06.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"name": "oval:org.mitre.oval:def:744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"name": "oval:org.mitre.oval:def:9544",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"name": "13931",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13931"
},
{
"name": "USN-139-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/139-1/"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=18"
},
{
"name": "oval:org.mitre.oval:def:744",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744"
},
{
"name": "oval:org.mitre.oval:def:9544",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"name": "13931",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13931"
},
{
"name": "USN-139-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/139-1/"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1269",
"datePublished": "2005-06-14T04:00:00.000Z",
"dateReserved": "2005-04-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:44:06.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1934 (GCVE-0-2005-1934)
Vulnerability from cvelistv5 – Published: 2005-06-09 04:00 – Updated: 2024-08-07 22:06
VLAI
Summary
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.securityfocus.com/bid/13932 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.redhat.com/support/errata/RHSA-2005-518.html | vendor-advisoryx_refsource_REDHAT |
| http://www.debian.org/security/2005/dsa-734 | vendor-advisoryx_refsource_DEBIAN |
| http://sourceforge.net/tracker/index.php?func=det… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://security.gentoo.org/glsa/glsa-200506-11.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-06-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:263",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
},
{
"name": "13932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13932"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:10368",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:263",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263"
},
{
"name": "13932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13932"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "MDKSA-2005:099",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:099"
},
{
"name": "RHSA-2005:518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-518.html"
},
{
"name": "DSA-734",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1205290\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:10368",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368"
},
{
"name": "GLSA-200506-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200506-11.xml"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1934",
"datePublished": "2005-06-09T04:00:00.000Z",
"dateReserved": "2005-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:06:57.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1261 (GCVE-0-2005-1261)
Vulnerability from cvelistv5 – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:44
VLAI
Summary
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/13590 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.vupen.com/english/advisories/2005/0519 | vdb-entryx_refsource_VUPEN |
| http://gaim.sourceforge.net/security/index.php?id=16 | x_refsource_CONFIRM |
| http://www.redhat.com/support/errata/RHSA-2005-429.html | vendor-advisoryx_refsource_REDHAT |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2005-432.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2005-05-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13590"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "13590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13590"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=16"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1261",
"datePublished": "2005-05-11T04:00:00.000Z",
"dateReserved": "2005-04-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:44:06.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1262 (GCVE-0-2005-1262)
Vulnerability from cvelistv5 – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:44
VLAI
Summary
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/13591 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2005/0519 | vdb-entryx_refsource_VUPEN |
| http://gaim.sourceforge.net/security/index.php?id=17 | x_refsource_CONFIRM |
| http://www.redhat.com/support/errata/RHSA-2005-429.html | vendor-advisoryx_refsource_REDHAT |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-05-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:05.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "13591",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13591"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10861",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "13591",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13591"
},
{
"name": "ADV-2005-0519",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=17"
},
{
"name": "RHSA-2005:429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-429.html"
},
{
"name": "oval:org.mitre.oval:def:10861",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1262",
"datePublished": "2005-05-11T04:00:00.000Z",
"dateReserved": "2005-04-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:44:05.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0967 (GCVE-0-2005-0967)
Vulnerability from cvelistv5 – Published: 2005-04-06 04:00 – Updated: 2024-08-07 21:35
VLAI
Summary
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://sourceforge.net/tracker/?func=detail&aid=1… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://gaim.sourceforge.net/security/?id=15 | x_refsource_CONFIRM |
| http://secunia.com/advisories/14815 | third-party-advisoryx_refsource_SECUNIA |
| http://www.redhat.com/support/errata/RHSA-2005-365.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/13004 | vdb-entryx_refsource_BID |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://securitytracker.com/id?1013645 | vdb-entryx_refsource_SECTRACK |
Date Public
2005-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:9657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "13004",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13004"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"name": "1013645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=1172115\u0026group_id=235\u0026atid=100235"
},
{
"name": "oval:org.mitre.oval:def:9657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9657"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=15"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "13004",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13004"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
},
{
"name": "1013645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013645"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0967",
"datePublished": "2005-04-06T04:00:00.000Z",
"dateReserved": "2005-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:35:58.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0966 (GCVE-0-2005-0966)
Vulnerability from cvelistv5 – Published: 2005-04-04 04:00 – Updated: 2024-08-07 21:35
VLAI
Summary
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://secunia.com/advisories/14815 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/13003 | vdb-entryx_refsource_BID |
| http://gaim.sourceforge.net/security/index.php?id=14 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.redhat.com/support/errata/RHSA-2005-365.html | vendor-advisoryx_refsource_REDHAT |
| http://marc.info/?l=bugtraq&m=111238715307356&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://sourceforge.net/project/shownotes.php?grou… | x_refsource_CONFIRM |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:9185",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "gaim-ircmsginvite-dos(19939)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"name": "13003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"name": "gaim-irc-plugin-bo(19937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:9185",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "gaim-ircmsginvite-dos(19939)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19939"
},
{
"name": "13003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=14"
},
{
"name": "gaim-irc-plugin-bo(19937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19937"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=235\u0026release_id=317750"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0966",
"datePublished": "2005-04-04T04:00:00.000Z",
"dateReserved": "2005-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:35:58.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0965 (GCVE-0-2005-0965)
Vulnerability from cvelistv5 – Published: 2005-04-04 04:00 – Updated: 2024-08-07 21:35
VLAI
Summary
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://secunia.com/advisories/14815 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/12999 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2005-365.html | vendor-advisoryx_refsource_REDHAT |
| http://marc.info/?l=bugtraq&m=111238715307356&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://gaim.sourceforge.net/security/index.php?id=13 | x_refsource_CONFIRM |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:35:58.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:11292",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "12999",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12999"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2005:071",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:071"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:11292",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11292"
},
{
"name": "14815",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14815"
},
{
"name": "12999",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12999"
},
{
"name": "RHSA-2005:365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-365.html"
},
{
"name": "20050401 multiple remote denial of service vulnerabilities in Gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111238715307356\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=13"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0965",
"datePublished": "2005-04-04T04:00:00.000Z",
"dateReserved": "2005-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:35:58.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0208 (GCVE-0-2005-0208)
Vulnerability from cvelistv5 – Published: 2005-02-28 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/795812 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/archive/1/426078/100… | vendor-advisoryx_refsource_FEDORA |
| http://gaim.sourceforge.net/security/?id=12 | x_refsource_CONFIRM |
| http://secunia.com/advisories/14386 | third-party-advisoryx_refsource_SECUNIA |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.gentoo.org/security/en/glsa/glsa-20050… | vendor-advisoryx_refsource_GENTOO |
| http://marc.info/?l=bugtraq&m=110935655500670&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.securityfocus.com/bid/12660 | vdb-entryx_refsource_BID |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.redhat.com/support/errata/RHSA-2005-215.html | vendor-advisoryx_refsource_REDHAT |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
Date Public
2005-02-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#795812",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0473."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#795812",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0473."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#795812",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/795812"
},
{
"name": "FLSA:158543",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "http://gaim.sourceforge.net/security/?id=12",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=12"
},
{
"name": "14386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14386"
},
{
"name": "oval:org.mitre.oval:def:10477",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477"
},
{
"name": "GLSA-200503-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "12660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12660"
},
{
"name": "CLA-2005:933",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:215",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "SUSE-SA:2005:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0208",
"datePublished": "2005-02-28T05:00:00.000Z",
"dateReserved": "2005-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0573 (GCVE-0-2005-0573)
Vulnerability from cvelistv5 – Published: 2005-02-27 05:00 – Updated: 2024-08-07 21:21
VLAI
Summary
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://marc.info/?l=full-disclosure&m=11092838042… | mailing-listx_refsource_FULLDISC |
| http://securitytracker.com/id?1013300 | vdb-entryx_refsource_SECTRACK |
Date Public
2005-02-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050224 GAIM exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains \"(\" or \")\" (parenthesis) characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050224 GAIM exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains \"(\" or \")\" (parenthesis) characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050224 GAIM exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110928380421841\u0026w=2"
},
{
"name": "1013300",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0573",
"datePublished": "2005-02-27T05:00:00.000Z",
"dateReserved": "2005-02-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:21:06.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0472 (GCVE-0-2005-0472)
Vulnerability from cvelistv5 – Published: 2005-02-19 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2005-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#839280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"name": "oval:org.mitre.oval:def:10433",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "gaim-snac-dos(19380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"name": "DSA-716",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#839280",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/839280"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=10"
},
{
"name": "oval:org.mitre.oval:def:10433",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"name": "RHSA-2005:432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "gaim-snac-dos(19380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
},
{
"name": "DSA-716",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-716"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0472",
"datePublished": "2005-02-19T05:00:00.000Z",
"dateReserved": "2005-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0473 (GCVE-0-2005-0473)
Vulnerability from cvelistv5 – Published: 2005-02-19 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2005-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10212",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#523888",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "gaim-html-dos(19381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0208."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10212",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
},
{
"name": "FLSA:158543",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
},
{
"name": "VU#523888",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/523888"
},
{
"name": "GLSA-200503-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
},
{
"name": "gaim-html-dos(19381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
},
{
"name": "20050225 [USN-85-1] Gaim vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
},
{
"name": "MDKSA-2005:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
},
{
"name": "CLA-2005:933",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/index.php?id=11"
},
{
"name": "14322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14322"
},
{
"name": "RHSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
},
{
"name": "12589",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12589"
},
{
"name": "SUSE-SA:2005:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0473",
"datePublished": "2005-02-19T05:00:00.000Z",
"dateReserved": "2005-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0891 (GCVE-0-2004-0891)
Vulnerability from cvelistv5 – Published: 2004-10-21 04:00 – Updated: 2024-08-08 00:31
VLAI
Summary
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://bugzilla.fedora.us/show_bug.cgi?id=2188 | vendor-advisoryx_refsource_FEDORA |
| http://www.gentoo.org/security/en/glsa/glsa-20041… | vendor-advisoryx_refsource_GENTOO |
| http://gaim.sourceforge.net/security/?id=9 | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://www.ubuntu.com/usn/usn-8-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.redhat.com/support/errata/RHSA-2004-604.html | vendor-advisoryx_refsource_REDHAT |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-msn-slp-dos(17787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=9",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0891",
"datePublished": "2004-10-21T04:00:00.000Z",
"dateReserved": "2004-09-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:47.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0785 (GCVE-0-2004-0785)
Vulnerability from cvelistv5 – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:31
VLAI
Summary
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
Date Public
2004-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12480"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12480"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9261",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9261"
},
{
"name": "9263",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9263"
},
{
"name": "gaim-hostname-bo(17142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17142"
},
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=5",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=5"
},
{
"name": "12480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12480"
},
{
"name": "http://gaim.sourceforge.net/security/?id=3",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=3"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13101"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "9262",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9262"
},
{
"name": "gaim-rtf-bo(17141)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17141"
},
{
"name": "12929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12929"
},
{
"name": "gaim-url-bo(17143)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17143"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "oval:org.mitre.oval:def:10907",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "http://gaim.sourceforge.net/security/?id=4",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=4"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0785",
"datePublished": "2004-09-02T04:00:00.000Z",
"dateReserved": "2004-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:46.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0754 (GCVE-0-2004-0754)
Vulnerability from cvelistv5 – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:31
VLAI
Summary
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2004-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10220",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10220",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:10220",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220"
},
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=2",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=2"
},
{
"name": "12480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12480"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "13101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13101"
},
{
"name": "9260",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9260"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "1011083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011083"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-groupware-integer-overflow(17140)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17140"
},
{
"name": "11056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11056"
},
{
"name": "12383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0754",
"datePublished": "2004-09-02T04:00:00.000Z",
"dateReserved": "2004-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:47.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0784 (GCVE-0-2004-0784)
Vulnerability from cvelistv5 – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:31
VLAI
Summary
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.fedoranews.org/updates/FEDORA-2004-278.shtml | vendor-advisoryx_refsource_FEDORA |
| http://www.fedoranews.org/updates/FEDORA-2004-279.shtml | vendor-advisoryx_refsource_FEDORA |
| http://www.gentoo.org/security/en/glsa/glsa-20040… | vendor-advisoryx_refsource_GENTOO |
| http://gaim.sourceforge.net/security/?id=1 | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2004-400.html | vendor-advisoryx_refsource_REDHAT |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=1",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=1"
},
{
"name": "oval:org.mitre.oval:def:10008",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "gaim-smiley-command-execution(17144)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0784",
"datePublished": "2004-09-02T04:00:00.000Z",
"dateReserved": "2004-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:46.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0500 (GCVE-0-2004-0500)
Vulnerability from cvelistv5 – Published: 2004-09-02 04:00 – Updated: 2024-08-08 00:17
VLAI
Summary
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.fedoranews.org/updates/FEDORA-2004-278.shtml | vendor-advisoryx_refsource_FEDORA |
| http://www.fedoranews.org/updates/FEDORA-2004-279.shtml | vendor-advisoryx_refsource_FEDORA |
| http://www.gentoo.org/security/en/glsa/glsa-20040… | vendor-advisoryx_refsource_GENTOO |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://www.mandrakesecure.net/en/advisories/advis… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.gentoo.org/security/en/glsa/glsa-20040… | vendor-advisoryx_refsource_GENTOO |
| http://gaim.sourceforge.net/security/?id=0 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2004-400.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/10865 | vdb-entryx_refsource_BID |
Date Public
2004-08-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:15.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10865"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2004-278",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10865"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2004-278",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-278.shtml"
},
{
"name": "FEDORA-2004-279",
"refsource": "FEDORA",
"url": "http://www.fedoranews.org/updates/FEDORA-2004-279.shtml"
},
{
"name": "GLSA-200408-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml"
},
{
"name": "SUSE-SA:2004:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_25_gaim.html"
},
{
"name": "MDKSA-2004:081",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081"
},
{
"name": "GLSA-200408-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=0",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=0"
},
{
"name": "gaim-msn-bo(16920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16920"
},
{
"name": "oval:org.mitre.oval:def:9429",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429"
},
{
"name": "RHSA-2004:400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-400.html"
},
{
"name": "10865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10865"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0500",
"datePublished": "2004-09-02T04:00:00.000Z",
"dateReserved": "2004-05-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:17:15.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0384 (GCVE-0-2002-0384)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 02:49
VLAI
Summary
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2002-107.html | vendor-advisoryx_refsource_REDHAT |
| http://online.securityfocus.com/advisories/4358 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-122.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/5406 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/3729 | vdb-entryx_refsource_OSVDB |
| http://www.redhat.com/support/errata/RHSA-2002-098.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2003-156.html | vendor-advisoryx_refsource_REDHAT |
| http://frontal2.mandriva.com/security/advisories?… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.iss.net/security_center/static/9766.php | vdb-entryx_refsource_XF |
Date Public
2002-08-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9766.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9766.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:107",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"
},
{
"name": "HPSBTL0208-057",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4358"
},
{
"name": "RHSA-2002:122",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"
},
{
"name": "5406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5406"
},
{
"name": "3729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3729"
},
{
"name": "RHSA-2002:098",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"
},
{
"name": "RHSA-2003:156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "MDKSA-2002:054",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "gaim-jabber-module-bo(9766)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9766.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0384",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-05-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:49:27.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0005 (GCVE-0-2004-0005)
Vulnerability from cvelistv5 – Published: 2004-02-03 05:00 – Updated: 2024-08-08 00:01
VLAI
Summary
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2004-01-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-mime-decoder-oob(14944)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-mime-decoder-oob(14944)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-mime-decoder-oob(14944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944"
},
{
"name": "VU#226974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226974"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "gaim-mime-decoder-bo(14942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "gaim-yahoodecode-offbyone-bo(14935)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/200401-04"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "3736",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3736"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#655974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/655974"
},
{
"name": "VU#190366",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190366"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "VU#404470",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/404470"
},
{
"name": "gaim-sscanf-oob(14938)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0005",
"datePublished": "2004-02-03T05:00:00.000Z",
"dateReserved": "2004-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:01:23.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0008 (GCVE-0-2004-0008)
Vulnerability from cvelistv5 – Published: 2004-01-29 05:00 – Updated: 2024-08-08 00:01
VLAI
Summary
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2004-01-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522338611564\u0026w=2"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
},
{
"name": "3734",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3734"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9469",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "gaim-directim-bo(14937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "RHSA-2004:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0008",
"datePublished": "2004-01-29T05:00:00.000Z",
"dateReserved": "2004-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:01:23.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0006 (GCVE-0-2004-0006)
Vulnerability from cvelistv5 – Published: 2004-01-29 05:00 – Updated: 2024-08-08 00:01
VLAI
Summary
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
34 references
Date Public
2004-01-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "9489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html"
},
{
"name": "3732",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3732"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "oval:org.mitre.oval:def:818",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818"
},
{
"name": "VU#871838",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/871838"
},
{
"name": "VU#444158",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/444158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "VU#297198",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/297198"
},
{
"name": "gaim-login-value-bo(14941)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14941"
},
{
"name": "oval:org.mitre.oval:def:10222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "gaim-yahoowebpending-cookie-bo(14939)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14939"
},
{
"name": "gaim-http-proxy-bo(14947)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14947"
},
{
"name": "gaim-login-name-bo(14940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14940"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "VU#527142",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/527142"
},
{
"name": "gaim-urlparser-bo(14945)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14945"
},
{
"name": "VU#371382",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/371382"
},
{
"name": "gaim-yahoopacketread-keyname-bo(14943)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14943"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "3731",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3731"
},
{
"name": "VU#503030",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/503030"
},
{
"name": "RHSA-2004:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0006",
"datePublished": "2004-01-29T05:00:00.000Z",
"dateReserved": "2004-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:01:23.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0007 (GCVE-0-2004-0007)
Vulnerability from cvelistv5 – Published: 2004-01-29 05:00 – Updated: 2024-08-08 00:01
VLAI
Summary
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
Date Public
2004-01-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9489"
},
{
"name": "DSA-434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-434"
},
{
"name": "RHSA-2004:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
},
{
"name": "oval:org.mitre.oval:def:9906",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906"
},
{
"name": "SSA:2004-026",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2"
},
{
"name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
"refsource": "CONFIRM",
"url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
},
{
"name": "GLSA-200401-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
},
{
"name": "1008850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008850"
},
{
"name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2"
},
{
"name": "http://security.e-matters.de/advisories/012004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/012004.html"
},
{
"name": "RHSA-2004:033",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
},
{
"name": "3733",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3733"
},
{
"name": "MDKSA-2004:006",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
},
{
"name": "oval:org.mitre.oval:def:819",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819"
},
{
"name": "VU#197142",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/197142"
},
{
"name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
},
{
"name": "SuSE-SA:2004:004",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/advisories/6281"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813"
},
{
"name": "gaim-extractinfo-bo(14946)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0007",
"datePublished": "2004-01-29T05:00:00.000Z",
"dateReserved": "2004-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:01:23.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0989 (GCVE-0-2002-0989)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI
Summary
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2002-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020827 GLSA: gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-158"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020827 GLSA: gaim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-158"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020827 GLSA: gaim",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103046442403404\u0026w=2"
},
{
"name": "HPSBTL0209-067",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4471"
},
{
"name": "5033",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5033"
},
{
"name": "5574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5574"
},
{
"name": "RHSA-2002:190",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-190.html"
},
{
"name": "RHSA-2002:191",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-191.html"
},
{
"name": "CLA-2002:521",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000521"
},
{
"name": "FreeBSD-SN-02:06",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc"
},
{
"name": "http://gaim.sourceforge.net/ChangeLog",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728"
},
{
"name": "RHSA-2003:156",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"
},
{
"name": "gaim-url-handler-command-execution(9978)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9978.php"
},
{
"name": "MDKSA-2002:054",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"
},
{
"name": "RHSA-2002:189",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-189.html"
},
{
"name": "DSA-158",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-158"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0989",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:17.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0377 (GCVE-0-2002-0377)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
VLAI
Summary
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=102130733815285&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/4730 | vdb-entryx_refsource_BID |
| http://gaim.sourceforge.net/ChangeLog | x_refsource_CONFIRM |
| http://archives.neohapsis.com/archives/vuln-dev/2… | mailing-listx_refsource_VULN-DEV |
| http://www.iss.net/security_center/static/9061.php | vdb-entryx_refsource_XF |
Date Public
2002-05-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020512 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9061.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020512 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9061.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020512 Gaim abritary Email Reading",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102130733815285\u0026w=2"
},
{
"name": "4730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4730"
},
{
"name": "http://gaim.sourceforge.net/ChangeLog",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/ChangeLog"
},
{
"name": "20020511 Gaim abritary Email Reading",
"refsource": "VULN-DEV",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html"
},
{
"name": "gaim-email-access(9061)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9061.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0377",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:49:27.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1172 (GCVE-0-2000-1172)
Vulnerability from cvelistv5 – Published: 2000-12-19 05:00 – Updated: 2024-08-08 05:45
VLAI
Summary
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/1948 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
Date Public
2000-11-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1948"
},
{
"name": "20001110 Advisory: Gaim remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1172",
"datePublished": "2000-12-19T05:00:00.000Z",
"dateReserved": "2000-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:45:37.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}