- Home
- CVEs with nessus.description==A number of vulnerabilities were discovered in the gaim instant messenger program by Steffan Esser, versions 0.75 and earlier. Thanks to Jacques A. Vidrine for providing initial patches.
Multiple buffer overflows exist in gaim 0.75 and earlier: When parsing cookies in a Yahoo web connection; YMSG protocol overflows parsing the Yahoo login webpage; a YMSG packet overflow; flaws in the URL parser;
and flaws in the HTTP Proxy connect (CAN-2004-006).
A buffer overflow in gaim 0.74 and earlier in the Extract Info Field Function used for MSN and YMSG protocol handlers (CAN-2004-007).
An integer overflow in gaim 0.74 and earlier, when allocating memory for a directIM packet results in a heap overflow (CVE-2004-0008).
Update :
The patch used to correct the problem was slightly malformed and could cause an infinite loop and crash with the Yahoo protocol. The new packages have a corrected patch that resolves the problem.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top