Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1261

7 documents7 sources
Severity
7.5HIGH
EPSS
16.2%
top 5.18%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ROB Flynn Gaim
Timeline
PublishedMay 11
Latest updateMay 1

Description

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

โ–ถNVDrob_flynn/gaim48 versions+47

Patches

Patch: gaim.sourceforge.net โ†—Patch: gaim.sourceforge.net โ†—

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-vhpm-pcm2-4gxw: Stack-based buffer overflow in the URL parsing function in Gaim before 1โ†—2022-05-01
โ–ถ
CVEList
CVE-2005-1261: Stack-based buffer overflow in the URL parsing function in Gaim before 1โ†—2005-05-11
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
Gaim 1.2.1 - URL Handling Remote Stack Overflowโ†—2005-05-17
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Ubuntu
Gaim vulnerabilitiesโ†—2005-05-13
โ–ถ
Red Hat
security flawโ†—2005-05-11
โ–ถ

๐Ÿ’ฌCommunity

1
Bugzilla
CVE-2005-1261 security flawโ†—2018-08-16
โ–ถ