CVE-2005-0473

9 documents6 sources

Severity

5.0MEDIUM

EPSS

20.6%

top 4.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux Mandrakesoft Mandrake Linux Corporate Server Redhat Enterprise Linux +2 more

Timeline

PublishedMar 14

Latest updateMay 1

Description

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDrob_flynn/gaim4 versions+3

▶NVDmandrakesoft/mandrake_linux10.0, 10.1+1

▶NVDredhat/enterprise_linux_desktop4.0

▶NVDmandrakesoft/mandrake_linux_corporate_server3.0

Also affects: Enterprise Linux 4.0

Patches

Patch: www.kb.cert.org ↗Patch: www.redhat.com ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-7mfh-mcrc-hgxh: The HTML parsing functions in Gaim before 1↗2022-05-01

▶

CVEList

CVE-2005-0473: The HTML parsing functions in Gaim before 1↗2005-02-19

▶

📋Vendor Advisories

Ubuntu

Gaim vulnerabilities↗2005-02-26

▶

Red Hat

security flaw↗2005-02-24

▶

Red Hat

security flaw↗2005-02-17

▶

💬Community

Bugzilla

CVE-2005-0208 security flaw↗2018-08-16

▶

Bugzilla

CVE-2005-0473 security flaw↗2018-08-16

▶

Bugzilla

CAN-2005-0208,0472,0473,0965,0966,0967 gaim security issues↗2005-03-10

▶