CVSS: 9.8EPSS: 1%CPEs: 29EXPL: 0CVE-2004-0784
https://notcve.org/view.php?id=CVE-2004-0784
02 Sep 2004 — The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. La funcionalidad de temas de iconos gestuales (smileys) de Gaim anteriores a 0.82 permite a atacantes remotos ejecutar comandos de su elección mediante metacaractéres de shell en el nombre del fichero o del fichero tar que es arrastrado al selector del icono. • http://gaim.sourceforge.net/security/?id=1 •
CVSS: 9.8EPSS: 6%CPEs: 29EXPL: 0CVE-2004-0785
https://notcve.org/view.php?id=CVE-2004-0785
02 Sep 2004 — Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. Múltiples desbordamientos de búfer en Gaim anteriores a 0.82 permite a atacantes remotos causar una dengación de servicio y posiblemente ejecutar código de su elección mediante (1) mensajes en Formato de Tex... • http://gaim.sourceforge.net/security/?id=3 •
CVSS: 9.8EPSS: 21%CPEs: 1EXPL: 1CVE-2004-0005
https://notcve.org/view.php?id=CVE-2004-0005
03 Feb 2004 — Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_d... • http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html • CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 16%CPEs: 2EXPL: 0CVE-2004-0006
https://notcve.org/view.php?id=CVE-2004-0006
29 Jan 2004 — Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. Múltiples desbordamientos de búfer en Gaim 0.75 y anteriores, y Ultramagnetic anteriores a de 0.81, permite a atacantes remo... • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •