ID CVE-2004-0005
Summary Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
References
Vulnerable Configurations
  • cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*
    cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20040126 Advisory 01/2004: 12 x Gaim remote overflows
cert-vn
  • VU#190366
  • VU#226974
  • VU#404470
  • VU#655974
conectiva CLA-2004:813
debian DSA-434
fulldisc 20040126 Advisory 01/2004: 12 x Gaim remote overflows
gentoo GLSA-200401-04
misc http://security.e-matters.de/advisories/012004.html
osvdb 3736
sectrack 1008850
slackware SSA:2004-026
suse SuSE-SA:2004:004
xf
  • gaim-mime-decoder-bo(14942)
  • gaim-mime-decoder-oob(14944)
  • gaim-sscanf-oob(14938)
  • gaim-yahoodecode-offbyone-bo(14935)
Last major update 11-07-2017 - 01:29
Published 03-03-2004 - 05:00
Back to Top