CVSS: 9.8EPSS: 43%CPEs: 1EXPL: 1CVE-2004-0005
https://notcve.org/view.php?id=CVE-2004-0005
03 Feb 2004 — Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_d... • http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html • CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 54%CPEs: 2EXPL: 0CVE-2004-0008
https://notcve.org/view.php?id=CVE-2004-0008
29 Jan 2004 — Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. Desbordamiento de enteros en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegación de servicio. • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •
CVSS: 9.8EPSS: 34%CPEs: 2EXPL: 0CVE-2004-0006
https://notcve.org/view.php?id=CVE-2004-0006
29 Jan 2004 — Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. Múltiples desbordamientos de búfer en Gaim 0.75 y anteriores, y Ultramagnetic anteriores a de 0.81, permite a atacantes remo... • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •
CVSS: 9.8EPSS: 80%CPEs: 2EXPL: 0CVE-2004-0007
https://notcve.org/view.php?id=CVE-2004-0007
29 Jan 2004 — Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. Desbordamiento de búfer en la Función Extract Info Field en los manejadores de protocolos de MSN e YMSG en Gaim 0.74 y anteriores, y Ultramagnetic anteriores a 0.81 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario. • http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html •
CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0CVE-2002-0384
https://notcve.org/view.php?id=CVE-2002-0384
04 Oct 2002 — Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el plug-in Jabber en el cliente Gaim anteriores a 0.589 permite a atacantes ejecutar código arbitrario. • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054 •
CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 1CVE-2002-0989
https://notcve.org/view.php?id=CVE-2002-0989
24 Sep 2002 — The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0377
https://notcve.org/view.php?id=CVE-2002-0377
29 May 2002 — Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. • http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2000-1172
https://notcve.org/view.php?id=CVE-2000-1172
19 Dec 2000 — Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html •