CVE-2004-0784

5 documents5 sources

Severity

7.5HIGH

EPSS

1.3%

top 20.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ROB Flynn Gaim

Timeline

PublishedOct 20

Latest updateApr 29

Description

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDrob_flynn/gaim29 versions+28

Patches

Patch: gaim.sourceforge.net ↗Patch: www.fedoranews.org ↗Patch: www.fedoranews.org ↗

🔴Vulnerability Details

GHSA

GHSA-mq6w-7g5x-f5hr: The smiley theme functionality in Gaim before 0↗2022-04-29

▶

CVEList

CVE-2004-0784: The smiley theme functionality in Gaim before 0↗2004-09-02

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-08-26

▶

💬Community

Bugzilla

CVE-2004-0784 security flaw↗2018-08-16

▶