Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1934 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | |||||
| CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | |||||
| CVE-2004-2589 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. | |||||
| CVE-2005-0965 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | |||||
| CVE-2005-0573 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters. | |||||
| CVE-2005-1269 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name. | |||||
| CVE-2005-0966 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 6.4 MEDIUM | N/A |
| The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. | |||||
| CVE-2005-1262 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message. | |||||
| CVE-2005-1261 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. | |||||
| CVE-2005-0208 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473. | |||||
| CVE-2004-0891 | 4 Gentoo, Rob Flynn, Slackware and 1 more | 4 Linux, Gaim, Slackware Linux and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | |||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | |||||
| CVE-2005-2102 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters. | |||||
| CVE-2005-2370 | 2 Ekg, Rob Flynn | 2 Ekg, Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message. | |||||
| CVE-2005-0967 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | |||||
| CVE-2004-0007 | 2 Rob Flynn, Ultramagnetic | 2 Gaim, Ultramagnetic | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2004-0754 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | |||||
| CVE-2004-0784 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. | |||||
| CVE-2002-0989 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. | |||||
| CVE-2004-0500 | 3 Gentoo, Mandrakesoft, Rob Flynn | 3 Linux, Mandrake Linux, Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. | |||||