17 results (0.019 seconds)

CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 1

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n. • https://www.exploit-db.com/exploits/26139 http://gaim.sourceforge.net/security/?id=22 http://www.novell.com/linux/security/advisories/2005_19_sr.html http://www.redhat.com/support/errata/RHSA-2005-589.html http://www.redhat.com/support/errata/RHSA-2005-627.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/14531 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477 https://usn.ubuntu • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 5.0EPSS: 3%CPEs: 8EXPL: 0

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message. Múltiples "errores de alineamiento de memoria" en libgadu, usado en ekg anterior a la 1.5rc2, Gaim anteriores a 1.5.0 y otros paquetes permite que atacantes remotos causen una denegación de servicio (error de bus) en ciertas arquitecturas, tales como SPACRC, mediante un mensaje de entrada. • http://gaim.sourceforge.net/security/index.php?id=20 http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://secunia.com/advisories/16265 http://www.debian.org/security/2005/dsa-813 http://www.debian.org/security/2007/dsa-1318 http://www.redhat.com/support/errata/RHSA-2005-627.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/24600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 3%CPEs: 50EXPL: 0

Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name. • http://gaim.sourceforge.net/security/?id=18 http://security.gentoo.org/glsa/glsa-200506-11.xml http://www.debian.org/security/2005/dsa-734 http://www.mandriva.com/security/advisories?name=MDKSA-2005:099 http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://www.redhat.com/support/errata/RHSA-2005-518.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/13931 https://oval.cisecurity.org/repository/search/ •

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0

Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. • http://security.gentoo.org/glsa/glsa-200506-11.xml http://sourceforge.net/tracker/index.php?func=detail&aid=1205290&group_id=235&atid=100235 http://www.debian.org/security/2005/dsa-734 http://www.mandriva.com/security/advisories?name=MDKSA-2005:099 http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://www.redhat.com/support/errata/RHSA-2005-518.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/13932 https: •

CVSS: 7.5EPSS: 18%CPEs: 48EXPL: 1

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. • https://www.exploit-db.com/exploits/999 http://gaim.sourceforge.net/security/index.php?id=16 http://www.redhat.com/support/errata/RHSA-2005-429.html http://www.redhat.com/support/errata/RHSA-2005-432.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/13590 http://www.vupen.com/english/advisories/2005/0519 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725 https://access.redhat.com/s •