cbcvebase.
CVE-2004-0891
published 2005-01-27

CVE-2004-0891: Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly…

PriorityP335critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
6.86%
93.2th percentile
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.

Affected

40 ranges· showing 25
VendorProductVersion rangeFixed in
gentoolinux
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim
rob_flynngaim

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.