cbcvebase.

Rob Flynn Gaim vulnerabilities

26 known vulnerabilities affecting rob_flynn/gaim.

Total CVEs
26
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH10MEDIUM13LOW1

Vulnerabilities

Page 1 of 2
CVE-2005-1261P3HIGHCVSS 7.5PoCv0.10v0.10.3+46 more2005-05-11
CVE-2005-1261 [HIGH] CVE-2005-1261: Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
nvd
CVE-2004-0008P3HIGHCVSS 7.5≤ 0.742004-03-03
CVE-2004-0008 [HIGH] CVE-2004-0008: Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
nvd
CVE-2004-0784P3HIGHCVSS 7.5v0.10v0.10.3+27 more2004-10-20
CVE-2004-0784 [HIGH] CVE-2004-0784: The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary comm The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
nvd
CVE-2004-0891P3CRITICALCVSS 10.0v0.10v0.10.3+32 more2005-01-27
CVE-2004-0891 [CRITICAL] CVE-2004-0891: Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
nvd
CVE-2004-0006P4HIGHCVSS 7.5≤ 0.752004-03-03
CVE-2004-0006 [HIGH] CVE-2004-0006: Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote atta Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and
nvd
CVE-2004-0007P4HIGHCVSS 7.5≤ 0.742004-03-03
CVE-2004-0007 [HIGH] CVE-2004-0007: Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gai Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
nvd
CVE-2002-0989P4HIGHCVSS 7.5v0.51v0.52+7 more2002-09-24
CVE-2002-0989 [HIGH] CVE-2002-0989: The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execu The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
nvd
CVE-2004-0500P4HIGHCVSS 7.5v0.10v0.10.3+27 more2004-09-28
CVE-2004-0500 [HIGH] CVE-2004-0500: Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows r Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
nvd
CVE-2002-0384P4HIGHCVSS 7.5v0.51v0.52+5 more2002-10-04
CVE-2002-0384 [HIGH] CVE-2002-0384: Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arb Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
nvd
CVE-2000-1172P4CRITICALCVSS 10.0v0.10v0.10.32001-01-09
CVE-2000-1172 [CRITICAL] CVE-2000-1172: Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to condu Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
nvd
CVE-2004-0785P4HIGHCVSS 7.5v0.10v0.10.3+27 more2004-10-20
CVE-2004-0785 [HIGH] CVE-2004-0785: Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service an Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
nvd
CVE-2004-0754P4HIGHCVSS 7.5v0.10v0.10.3+27 more2004-10-20
CVE-2004-0754 [HIGH] CVE-2004-0754: Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possib Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
nvd
CVE-2005-0966P4MEDIUMCVSS 6.4v1.2.02005-05-02
CVE-2005-0966 [MEDIUM] CVE-2005-0966: The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (applicat
nvd
CVE-2005-0472P4MEDIUMCVSS 5.0v1.0v1.0.1+2 more2005-03-14
CVE-2005-0472 [MEDIUM] CVE-2005-0472: Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
nvd
CVE-2005-0208P4MEDIUMCVSS 5.0v1.1.0v1.1.1+2 more2005-05-02
CVE-2005-0208 [MEDIUM] CVE-2005-0208: The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
nvd
CVE-2005-1934P4MEDIUMCVSS 5.0≤ 1.3.02005-05-19
CVE-2005-1934 [MEDIUM] CVE-2005-1934: Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN m Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
nvd
CVE-2005-2370P4MEDIUMCVSS 5.0≤ 1.4.02005-07-26
CVE-2005-2370 [MEDIUM] CWE-399 CVE-2005-2370: Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
nvd
CVE-2005-0473P4MEDIUMCVSS 5.0v1.0v1.0.1+2 more2005-03-14
CVE-2005-0473 [MEDIUM] CVE-2005-0473: The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
nvd
CVE-2005-0967P4MEDIUMCVSS 5.0v1.2.02005-05-02
CVE-2005-0967 [MEDIUM] CVE-2005-0967: Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
nvd
CVE-2005-1262P4MEDIUMCVSS 5.0v0.10v0.10.3+46 more2005-05-11
CVE-2005-1262 [MEDIUM] CVE-2005-1262: Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
nvd
Rob Flynn Gaim vulnerabilities | cvebase