Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://gaim.sourceforge.net/security/?id=9 - Vendor Advisory | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml - | |
References | () http://www.redhat.com/support/errata/RHSA-2004-604.html - Vendor Advisory | |
References | () https://bugzilla.fedora.us/show_bug.cgi?id=2188 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17786 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17787 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17790 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790 - | |
References | () https://www.ubuntu.com/usn/usn-8-1/ - |
Information
Published : 2005-01-27 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0891
Mitre link : CVE-2004-0891
CVE.ORG link : CVE-2004-0891
JSON object : View
Products Affected
gentoo
- linux
rob_flynn
- gaim
slackware
- slackware_linux
ubuntu
- ubuntu_linux
CWE