CVE-2004-0006

5 documents5 sources

Severity

7.5HIGH

EPSS

18.0%

top 4.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ROB Flynn Gaim Ultramagnetic Ultramagnetic

Timeline

PublishedMar 3

Latest updateMay 3

Description

Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDrob_flynn/gaim0.75

▶NVDultramagnetic/ultramagnetic0.81

Patches

Patch: security.e-matters.de ↗Patch: ultramagnetic.sourceforge.net ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-q864-5rmm-c437: Multiple buffer overflows in Gaim 0↗2022-05-03

▶

CVEList

CVE-2004-0006: Multiple buffer overflows in Gaim 0↗2004-01-29

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-01-26

▶

💬Community

Bugzilla

CVE-2004-0006 security flaw↗2018-08-16

▶