CVE-2005-2102
published 2005-08-16CVE-2005-2102: The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8…
PriorityP413medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.89%
76.9th percentile
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
| rob_flynn | gaim | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Gaim vulnerabilities
vendor_ubuntu·2005-08-12
CVE-2005-2102 Gaim vulnerabilities
Title: Gaim vulnerabilities
Summary: Gaim vulnerabilities
Daniel Atallah discovered a Denial of Service vulnerability in the
file transfer handler of OSCAR (the module that handles various
instant messaging protocols like ICQ). A remote attacker could crash
the Gaim client of an user by attempting to send him a file with
a name that contains invalid UTF-8 characters. (CAN-2005-2102)
It was found that specially crafted "away" messages triggered a buffer
overflow. A remote attacker could exploit this to crash the Gaim
client or possibly even execute arbitrary code with the permissions of
the Gaim user. (CAN-2005-2103)
Szymon Zygmunt and Michał Bartoszkiewicz discovered a memory alignment
error in the Gadu library, which was fixed in USN-162-1. However, it
was discovered that Gaim contain
Red Hat
security flaw
vendor_redhat·2005-08-08·CVSS 5.0
CVE-2005-2102 [MEDIUM] security flaw
security flaw
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
GHSA
GHSA-p9c7-67mv-252r: The AIM/ICQ module in Gaim before 1
ghsa_unreviewed·2022-05-01
CVE-2005-2102 [MEDIUM] GHSA-p9c7-67mv-252r: The AIM/ICQ module in Gaim before 1
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
No detection rules found.
No public exploits indexed.
http://gaim.sourceforge.net/security/?id=21http://www.novell.com/linux/security/advisories/2005_19_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2005-627.htmlhttp://www.securityfocus.com/archive/1/426078/100/0/threadedhttp://www.securityfocus.com/bid/14531https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283https://usn.ubuntu.com/168-1/http://gaim.sourceforge.net/security/?id=21http://www.novell.com/linux/security/advisories/2005_19_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2005-627.htmlhttp://www.securityfocus.com/archive/1/426078/100/0/threadedhttp://www.securityfocus.com/bid/14531https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283https://usn.ubuntu.com/168-1/
2005-08-16
Published