CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0573
https://notcve.org/view.php?id=CVE-2005-0573
27 Feb 2005 — Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters. • http://marc.info/?l=full-disclosure&m=110928380421841&w=2 •
CVSS: 7.5EPSS: 8%CPEs: 14EXPL: 0CVE-2005-0472 – Gentoo Linux Security Advisory 200503-3
https://notcve.org/view.php?id=CVE-2005-0472
19 Feb 2005 — Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CVE-2005-0472). Malformed HTML code could lead to invalid memory accesses (CVE-2005-0208 and CVE-2005-0473). Versions less than 1.1.4 are affected. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 •
CVSS: 6.5EPSS: 18%CPEs: 14EXPL: 0CVE-2005-0473 – Gentoo Linux Security Advisory 200503-3
https://notcve.org/view.php?id=CVE-2005-0473
19 Feb 2005 — The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CVE-2005-0472). Malformed HTML code could lead to invalid memory accesses (CVE-2005-0208 and CVE-2005-0473). Versions less than 1.1.4 are affected. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 •
CVSS: 7.5EPSS: 0%CPEs: 36EXPL: 0CVE-2004-2589
https://notcve.org/view.php?id=CVE-2004-2589
31 Dec 2004 — Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. • http://gaim.sourceforge.net/security/?id=6 •
CVSS: 10.0EPSS: 5%CPEs: 42EXPL: 0CVE-2004-0891 – Ubuntu Security Notice 8-1
https://notcve.org/view.php?id=CVE-2004-0891
21 Oct 2004 — Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. A buffer overflow and two remote crashes were recently discovered in gaim's MSN protocol handler. An attacker could potentially execute arbitrary code with the user's privileges by crafting and sending a particu... • http://gaim.sourceforge.net/security/?id=9 •
CVSS: 9.8EPSS: 3%CPEs: 34EXPL: 0CVE-2004-0500 – Fedora Legacy Update Advisory 1237
https://notcve.org/view.php?id=CVE-2004-0500
02 Sep 2004 — Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. Desbordamiento de búfer en los conectores de protocolo MSN (1) object.c y (2) slp.c en Gaim anteriores a 0.83 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código de su elección mediante mensajes de protocolo MSNS... • http://gaim.sourceforge.net/security/?id=0 •
CVSS: 9.8EPSS: 5%CPEs: 29EXPL: 0CVE-2004-0754 – Fedora Legacy Update Advisory 1237
https://notcve.org/view.php?id=CVE-2004-0754
02 Sep 2004 — Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. Desbordamiento de enteros en Gaim anteriores a 0.82 permite a atacantes remotos ejecutar código arbitrario mediante una la varible de tamaño en mensajes de servidor Groupware. FLSA:1237. Updated gaim package resolves security issues. Corrects multiple buffer overflows in Gaim 0.75 and earlier, including Yahoo cookie buffer overflows... • http://gaim.sourceforge.net/security/?id=2 •
CVSS: 9.8EPSS: 1%CPEs: 29EXPL: 0CVE-2004-0784 – Fedora Legacy Update Advisory 1237
https://notcve.org/view.php?id=CVE-2004-0784
02 Sep 2004 — The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. La funcionalidad de temas de iconos gestuales (smileys) de Gaim anteriores a 0.82 permite a atacantes remotos ejecutar comandos de su elección mediante metacaractéres de shell en el nombre del fichero o del fichero tar que es arrastrado al selector del icono. FLSA:1237. Updated gaim package resolves security ... • http://gaim.sourceforge.net/security/?id=1 •
CVSS: 9.8EPSS: 6%CPEs: 29EXPL: 0CVE-2004-0785 – Fedora Legacy Update Advisory 1237
https://notcve.org/view.php?id=CVE-2004-0785
02 Sep 2004 — Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. Múltiples desbordamientos de búfer en Gaim anteriores a 0.82 permite a atacantes remotos causar una dengación de servicio y posiblemente ejecutar código de su elección mediante (1) mensajes en Formato de Tex... • http://gaim.sourceforge.net/security/?id=3 •
CVSS: 9.8EPSS: 16%CPEs: 2EXPL: 0CVE-2004-0006 – 001.txt.asc
https://notcve.org/view.php?id=CVE-2004-0006
26 Jan 2004 — Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. Múltiples desbordamientos de búfer en Gaim 0.75 y anteriores, y Ultramagnetic anteriores a de 0.81, permite a atacantes remo... • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •