Shodan
Vulnerabilities
Vulnerable Software
Rob Flynn:  >> Gaim  >> 0.65  Security Vulnerabilities
CVE-2005-1269
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
CVSS Score
5.0
EPSS Score
0.025
Published
2005-06-16
CVE-2005-1261
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
CVSS Score
7.5
EPSS Score
0.162
Published
2005-05-11
CVE-2005-1262
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
CVSS Score
5.0
EPSS Score
0.013
Published
2005-05-11
CVE-2004-0891
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
CVSS Score
10.0
EPSS Score
0.054
Published
2005-01-27
CVE-2004-2589
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
CVSS Score
5.0
EPSS Score
0.008
Published
2004-12-31
CVE-2004-0754
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
CVSS Score
7.5
EPSS Score
0.056
Published
2004-10-20
CVE-2004-0784
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
CVSS Score
7.5
EPSS Score
0.013
Published
2004-10-20
CVE-2004-0785
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
CVSS Score
7.5
EPSS Score
0.063
Published
2004-10-20
CVE-2004-0500
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
CVSS Score
7.5
EPSS Score
0.033
Published
2004-09-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved