Rob Flynn: >> Gaim Security Vulnerabilities
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.244
Published
2004-03-03
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.192
Published
2004-03-03
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.061
Published
2002-10-04
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
CVSS Score
7.5
EPSS Score
0.05
Published
2002-09-24
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-05-29
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
CVSS Score
10.0
EPSS Score
0.018
Published
2001-01-09
Page 3