Rob Flynn: >> Gaim >> 1.1.1 Security Vulnerabilities
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
CVSS Score
5.0
EPSS Score
0.013
Published
2005-08-16
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
CVSS Score
5.0
EPSS Score
0.025
Published
2005-06-16
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
CVSS Score
7.5
EPSS Score
0.162
Published
2005-05-11
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
CVSS Score
5.0
EPSS Score
0.013
Published
2005-05-11
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
CVSS Score
5.0
EPSS Score
0.12
Published
2005-05-02
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVSS Score
5.0
EPSS Score
0.082
Published
2005-03-14
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
CVSS Score
5.0
EPSS Score
0.185
Published
2005-03-14