Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0989

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0989
Last Modified 10 Sep 2008 03:13:30
Published 24 Sep 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0989

Summary

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.

Vulnerable Systems

Application

  • Rob Flynn Gaim 0.51

  • Rob Flynn Gaim 0.52

  • Rob Flynn Gaim 0.53

  • Rob Flynn Gaim 0.54

  • Rob Flynn Gaim 0.55

  • Rob Flynn Gaim 0.56

  • Rob Flynn Gaim 0.57

  • Rob Flynn Gaim 0.58

  • Rob Flynn Gaim 0.59


References

DEBIAN - DSA-158

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728

CONFIRM - http://gaim.sourceforge.net/ChangeLog

BID - 5574

REDHAT - RHSA-2003:156

REDHAT - RHSA-2002:191

REDHAT - RHSA-2002:190

REDHAT - RHSA-2002:189

OSVDB - 5033

XF - gaim-url-handler-command-execution(9978)

HP - HPSBTL0209-067

BUGTRAQ - 20020827 GLSA: gaim

MANDRAKE - MDKSA-2002:054

CONECTIVA - CLA-2002:521

FREEBSD - FreeBSD-SN-02:06


Last Updated: 27 May 2016 10:37:09