CVSS: 9.8EPSS: 1%CPEs: 29EXPL: 0CVE-2004-0784
https://notcve.org/view.php?id=CVE-2004-0784
02 Sep 2004 — The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. La funcionalidad de temas de iconos gestuales (smileys) de Gaim anteriores a 0.82 permite a atacantes remotos ejecutar comandos de su elección mediante metacaractéres de shell en el nombre del fichero o del fichero tar que es arrastrado al selector del icono. • http://gaim.sourceforge.net/security/?id=1 •
CVSS: 9.8EPSS: 6%CPEs: 29EXPL: 0CVE-2004-0785
https://notcve.org/view.php?id=CVE-2004-0785
02 Sep 2004 — Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. Múltiples desbordamientos de búfer en Gaim anteriores a 0.82 permite a atacantes remotos causar una dengación de servicio y posiblemente ejecutar código de su elección mediante (1) mensajes en Formato de Tex... • http://gaim.sourceforge.net/security/?id=3 •
CVSS: 9.8EPSS: 21%CPEs: 1EXPL: 1CVE-2004-0005
https://notcve.org/view.php?id=CVE-2004-0005
03 Feb 2004 — Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_d... • http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html • CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 19%CPEs: 2EXPL: 0CVE-2004-0008
https://notcve.org/view.php?id=CVE-2004-0008
29 Jan 2004 — Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. Desbordamiento de enteros en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegación de servicio. • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •
CVSS: 9.8EPSS: 16%CPEs: 2EXPL: 0CVE-2004-0006
https://notcve.org/view.php?id=CVE-2004-0006
29 Jan 2004 — Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. Múltiples desbordamientos de búfer en Gaim 0.75 y anteriores, y Ultramagnetic anteriores a de 0.81, permite a atacantes remo... • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •
CVSS: 9.8EPSS: 24%CPEs: 2EXPL: 0CVE-2004-0007
https://notcve.org/view.php?id=CVE-2004-0007
29 Jan 2004 — Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. Desbordamiento de búfer en la Función Extract Info Field en los manejadores de protocolos de MSN e YMSG en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario. • http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html •
CVSS: 9.8EPSS: 6%CPEs: 7EXPL: 0CVE-2002-0384
https://notcve.org/view.php?id=CVE-2002-0384
04 Oct 2002 — Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el plug-in Jabber en el cliente Gaim anteriores a 0.589 permite a atacantes ejecutar código arbitrario. • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054 •
CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 1CVE-2002-0989
https://notcve.org/view.php?id=CVE-2002-0989
24 Sep 2002 — The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0377
https://notcve.org/view.php?id=CVE-2002-0377
29 May 2002 — Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. • http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2000-1172
https://notcve.org/view.php?id=CVE-2000-1172
19 Dec 2000 — Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html •