Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Gaim
(Rob_flynn)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 26 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-10-20 | CVE-2004-0784 | The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. | Gaim | N/A | ||
| 2004-10-20 | CVE-2004-0754 | Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | Gaim | N/A | ||
| 2004-09-28 | CVE-2004-0500 | Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. | Linux, Mandrake_linux, Gaim | N/A | ||
| 2004-03-03 | CVE-2004-0008 | Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | Gaim, Ultramagnetic | N/A | ||
| 2004-03-03 | CVE-2004-0007 | Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | Gaim, Ultramagnetic | N/A | ||
| 2004-03-03 | CVE-2004-0006 | Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. | Gaim, Ultramagnetic | N/A | ||
| 2002-09-24 | CVE-2002-0989 | The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. | Gaim | N/A | ||
| 2002-10-04 | CVE-2002-0384 | Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | Gaim | N/A | ||
| 2002-05-29 | CVE-2002-0377 | Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | Gaim | N/A | ||
| 2001-01-09 | CVE-2000-1172 | Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. | Gaim | N/A |