CVE-2004-0500

5 documents5 sources

Severity

7.5HIGH

EPSS

3.3%

top 12.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gentoo Linux Mandrakesoft Mandrake Linux ROB Flynn Gaim

Timeline

PublishedSep 28

Latest updateApr 29

Description

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDrob_flynn/gaim29 versions+28

▶NVDgentoo/linux1.4

▶NVDmandrakesoft/mandrake_linux10.0, 9.2+1

Patches

Patch: www.gentoo.org ↗Patch: www.securityfocus.com ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-cpr4-jj9p-gwfc: Buffer overflow in the MSN protocol plugins (1) object↗2022-04-29

▶

CVEList

CVE-2004-0500: Buffer overflow in the MSN protocol plugins (1) object↗2004-09-02

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-08-05

▶

💬Community

Bugzilla

CVE-2004-0500 security flaw↗2018-08-16

▶