VYPR
Unrated severityNVD Advisory· Published May 5, 2003· Updated Jun 16, 2026

CVE-2003-0163

CVE-2003-0163

Description

decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.

Affected products

4
  • cpe:2.3:a:gaim-encryption:gaim-encryption:1.13:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:gaim-encryption:gaim-encryption:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:gaim-encryption:gaim-encryption:1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:gaim-encryption:gaim-encryption:1.15:*:*:*:*:*:*:*
  • Range: <=1.15

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.