Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0785

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0785
Last Modified 21 Aug 2010 12:21:16
Published 20 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0785

Summary

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.

Vulnerable Systems

Application

  • Rob Flynn Gaim 0.10

  • Rob Flynn Gaim 0.10.3

  • Rob Flynn Gaim 0.50

  • Rob Flynn Gaim 0.51

  • Rob Flynn Gaim 0.52

  • Rob Flynn Gaim 0.53

  • Rob Flynn Gaim 0.54

  • Rob Flynn Gaim 0.55

  • Rob Flynn Gaim 0.56

  • Rob Flynn Gaim 0.57

  • Rob Flynn Gaim 0.58

  • Rob Flynn Gaim 0.59

  • Rob Flynn Gaim 0.59.1

  • Rob Flynn Gaim 0.60

  • Rob Flynn Gaim 0.61

  • Rob Flynn Gaim 0.62

  • Rob Flynn Gaim 0.63

  • Rob Flynn Gaim 0.64

  • Rob Flynn Gaim 0.65

  • Rob Flynn Gaim 0.66

  • Rob Flynn Gaim 0.67

  • Rob Flynn Gaim 0.68

  • Rob Flynn Gaim 0.69

  • Rob Flynn Gaim 0.70

  • Rob Flynn Gaim 0.71

  • Rob Flynn Gaim 0.72

  • Rob Flynn Gaim 0.73

  • Rob Flynn Gaim 0.74

  • Rob Flynn Gaim 0.75


References

FEDORA - FEDORA-2004-279

FEDORA - FEDORA-2004-278

CONFIRM - http://gaim.sourceforge.net/security/?id=3

REDHAT - RHSA-2004:400

GENTOO - GLSA-200408-27

CONFIRM - http://gaim.sourceforge.net/security/?id=5

CONFIRM - http://gaim.sourceforge.net/security/?id=4

XF - gaim-url-bo(17143)

XF - gaim-hostname-bo(17142)

XF - gaim-rtf-bo(17141)

BID - 11056

OSVDB - 9263

OSVDB - 9262

OSVDB - 9261

SECTRACK - 1011083

SECUNIA - 13101

SECUNIA - 12929

SECUNIA - 12480

SECUNIA - 12383


Last Updated: 27 May 2016 10:38:45