Gaim
by Gaim
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-2589 | 0.00 | — | 0.02 | Dec 31, 2004 | Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. | |||
| CVE-2004-0754 | 0.00 | — | 0.04 | Oct 20, 2004 | Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | |||
| CVE-2004-0785 | 0.00 | — | 0.05 | Oct 20, 2004 | Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly… | |||
| CVE-2004-0784 | 0.00 | — | 0.02 | Oct 20, 2004 | The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. | |||
| CVE-2004-0500 | 0.00 | — | 0.05 | Sep 28, 2004 | Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. | |||
| CVE-2002-0384 | 0.00 | — | 0.05 | Oct 4, 2002 | Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | |||
| CVE-2002-0989 | 0.00 | — | 0.03 | Sep 24, 2002 | The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. | |||
| CVE-2002-0377 | 0.00 | — | 0.00 | May 29, 2002 | Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | |||
| CVE-2000-1172 | 0.00 | — | 0.03 | Jan 9, 2001 | Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. |
- CVE-2004-2589Dec 31, 2004risk 0.00cvss —epss 0.02
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
- CVE-2004-0754Oct 20, 2004risk 0.00cvss —epss 0.04
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
- CVE-2004-0785Oct 20, 2004risk 0.00cvss —epss 0.05
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly…
- CVE-2004-0784Oct 20, 2004risk 0.00cvss —epss 0.02
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
- CVE-2004-0500Sep 28, 2004risk 0.00cvss —epss 0.05
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
- CVE-2002-0384Oct 4, 2002risk 0.00cvss —epss 0.05
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
- CVE-2002-0989Sep 24, 2002risk 0.00cvss —epss 0.03
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
- CVE-2002-0377May 29, 2002risk 0.00cvss —epss 0.00
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
- CVE-2000-1172Jan 9, 2001risk 0.00cvss —epss 0.03
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
Page 2 of 2