Critical severity9.8NVD Advisory· Published Mar 3, 2004· Updated Apr 16, 2026
CVE-2004-0005
CVE-2004-0005
Description
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
Affected products
1- cpe:2.3:a:gaim_project:gaim:0.75:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- security.e-matters.de/advisories/012004.htmlnvdBroken LinkPatchVendor Advisory
- www.debian.org/security/2004/dsa-434nvdBroken LinkPatchVendor Advisory
- www.slackware.com/security/viewer.phpnvdMailing ListPatch
- marc.infonvdExploitMailing List
- www.kb.cert.org/vuls/id/190366nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/226974nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/404470nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/655974nvdThird Party AdvisoryUS Government Resource
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/14935nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/14938nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/14942nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/14944nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/200401-04nvdThird Party Advisory
- archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.htmlnvdBroken Link
- distro.conectiva.com.br/atualizacoes/nvdBroken Link
- www.novell.com/linux/security/advisories/2004_04_gaim.htmlnvdBroken Link
- www.osvdb.org/3736nvdBroken Link
News mentions
0No linked articles in our index yet.