QwikSec

Security Database

CVE

CWE

Training

CVE-2004-0005

Published: Feb 3, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

gaim-mime-decoder-oob(14944)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_DEBIAN

gaim-mime-decoder-bo(14942)

vdb-entry

x_refsource_XF

SuSE-SA:2004:004

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_SLACKWARE

gaim-yahoodecode-offbyone-bo(14935)

vdb-entry

x_refsource_XF

20040126 Advisory 01/2004: 12 x Gaim remote overflows

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_SECTRACK

http://security.e-matters.de/advisories/012004.html

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

20040126 Advisory 01/2004: 12 x Gaim remote overflows

mailing-list

x_refsource_FULLDISC

third-party-advisory

x_refsource_CERT-VN

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_CONECTIVA

third-party-advisory

x_refsource_CERT-VN

gaim-sscanf-oob(14938)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.