7.5

CVE-2002-0989

Exploit
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rob FlynnGaim Version0.51
Rob FlynnGaim Version0.52
Rob FlynnGaim Version0.53
Rob FlynnGaim Version0.54
Rob FlynnGaim Version0.55
Rob FlynnGaim Version0.56
Rob FlynnGaim Version0.57
Rob FlynnGaim Version0.58
Rob FlynnGaim Version0.59
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.19% 0.864
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://gaim.sourceforge.net/ChangeLog
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728
Patch
Vendor Advisory
Exploit
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000521
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054
http://marc.info/?l=bugtraq&m=103046442403404&w=2
http://online.securityfocus.com/advisories/4471
http://www.debian.org/security/2002/dsa-158
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9978.php
http://www.osvdb.org/5033
http://www.redhat.com/support/errata/RHSA-2002-189.html
http://www.redhat.com/support/errata/RHSA-2002-190.html
http://www.redhat.com/support/errata/RHSA-2002-191.html
http://www.redhat.com/support/errata/RHSA-2003-156.html
http://www.securityfocus.com/bid/5574