Total
28 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1934 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | |||||
CVE-2005-2102 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters. | |||||
CVE-2005-2370 | 2 Ekg, Rob Flynn | 2 Ekg, Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message. | |||||
CVE-2005-2103 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 7.5 HIGH | N/A |
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n. | |||||
CVE-2005-1269 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name. | |||||
CVE-2005-0208 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473. | |||||
CVE-2005-0966 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 6.4 MEDIUM | N/A |
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. | |||||
CVE-2005-0967 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | |||||
CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2018-10-19 | 5.0 MEDIUM | N/A |
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | |||||
CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2018-10-19 | 5.0 MEDIUM | N/A |
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | |||||
CVE-2005-0965 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | |||||
CVE-2005-1261 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. | |||||
CVE-2005-1262 | 1 Rob Flynn | 1 Gaim | 2018-10-19 | 5.0 MEDIUM | N/A |
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message. | |||||
CVE-2004-0785 | 1 Rob Flynn | 1 Gaim | 2017-10-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. | |||||
CVE-2004-0754 | 1 Rob Flynn | 1 Gaim | 2017-10-10 | 7.5 HIGH | N/A |
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | |||||
CVE-2004-0891 | 4 Gentoo, Rob Flynn, Slackware and 1 more | 4 Linux, Gaim, Slackware Linux and 1 more | 2017-10-10 | 10.0 HIGH | N/A |
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | |||||
CVE-2004-0006 | 2 Rob Flynn, Ultramagnetic | 2 Gaim, Ultramagnetic | 2017-10-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. | |||||
CVE-2004-0007 | 2 Rob Flynn, Ultramagnetic | 2 Gaim, Ultramagnetic | 2017-10-10 | 7.5 HIGH | N/A |
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2004-0008 | 2 Rob Flynn, Ultramagnetic | 2 Gaim, Ultramagnetic | 2017-10-10 | 7.5 HIGH | N/A |
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | |||||
CVE-2004-0500 | 3 Gentoo, Mandrakesoft, Rob Flynn | 3 Linux, Mandrake Linux, Gaim | 2017-10-10 | 7.5 HIGH | N/A |
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. |