University Of Minnesota: >> Gopher Security Vulnerabilities
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
CVSS Score
7.5
EPSS Score
0.249
Published
2005-09-02
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2005-08-03
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
CVSS Score
7.5
EPSS Score
0.658
Published
2002-07-03