Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0784

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0784
Last Modified 21 Aug 2010 12:21:15
Published 20 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0784

Summary

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

Vulnerable Systems

Application

  • Rob Flynn Gaim 0.10

  • Rob Flynn Gaim 0.10.3

  • Rob Flynn Gaim 0.50

  • Rob Flynn Gaim 0.51

  • Rob Flynn Gaim 0.52

  • Rob Flynn Gaim 0.53

  • Rob Flynn Gaim 0.54

  • Rob Flynn Gaim 0.55

  • Rob Flynn Gaim 0.56

  • Rob Flynn Gaim 0.57

  • Rob Flynn Gaim 0.58

  • Rob Flynn Gaim 0.59

  • Rob Flynn Gaim 0.59.1

  • Rob Flynn Gaim 0.60

  • Rob Flynn Gaim 0.61

  • Rob Flynn Gaim 0.62

  • Rob Flynn Gaim 0.63

  • Rob Flynn Gaim 0.64

  • Rob Flynn Gaim 0.65

  • Rob Flynn Gaim 0.66

  • Rob Flynn Gaim 0.67

  • Rob Flynn Gaim 0.68

  • Rob Flynn Gaim 0.69

  • Rob Flynn Gaim 0.70

  • Rob Flynn Gaim 0.71

  • Rob Flynn Gaim 0.72

  • Rob Flynn Gaim 0.73

  • Rob Flynn Gaim 0.74

  • Rob Flynn Gaim 0.75


References

XF - gaim-smiley-command-execution(17144)

FEDORA - FEDORA-2004-279

FEDORA - FEDORA-2004-278

CONFIRM - http://gaim.sourceforge.net/security/?id=1

REDHAT - RHSA-2004:400

GENTOO - GLSA-200408-27


Last Updated: 27 May 2016 10:38:45