Rob Flynn

Gaim

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-0208

  • EPSS 11.99%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.

5

CVE-2005-0472

  • EPSS 8.2%
  • Published 14.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

5

CVE-2005-0473

  • EPSS 18.52%
  • Published 14.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

10

CVE-2004-0891

  • EPSS 5.44%
  • Published 27.01.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbound...

5

CVE-2004-2589

  • EPSS 0.79%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.

7.5

CVE-2004-0785

  • EPSS 6.3%
  • Published 20.10.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a lon...

7.5

CVE-2004-0784

  • EPSS 1.27%
  • Published 20.10.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

7.5

CVE-2004-0754

  • EPSS 5.6%
  • Published 20.10.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.

7.5

CVE-2004-0500

  • EPSS 3.26%
  • Published 28.09.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strnc...

7.5

CVE-2004-0008

  • EPSS 19.98%
  • Published 03.03.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.