Page 4 of 19 results (0.009 seconds)

CVSS: 7.5EPSS: 12%CPEs: 7EXPL: 0

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el plug-in Jabber en el cliente Gaim anteriores a 0.589 permite a atacantes ejecutar código arbitrario. • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054 http://online.securityfocus.com/advisories/4358 http://www.iss.net/security_center/static/9766.php http://www.osvdb.org/3729 http://www.redhat.com/support/errata/RHSA-2002-098.html http://www.redhat.com/support/errata/RHSA-2002-107.html http://www.redhat.com/support/errata/RHSA-2002-122.html http://www.redhat.com/support/errata/RHSA-2003-156.html http://www.securityfocus.com/bid/5406 https://access •

CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 1

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000521 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054 http://gaim.sourceforge.net/ChangeLog http://marc.info/?l=bugtraq&m=103046442403404&w=2 http://online.securityfocus.com/advisories/4471 http://www.debian.org/security/2002/dsa-158 http://www.iss.net/security_center&# •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. • http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html http://gaim.sourceforge.net/ChangeLog http://marc.info/?l=bugtraq&m=102130733815285&w=2 http://www.iss.net/security_center/static/9061.php http://www.securityfocus.com/bid/4730 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html http://www.securityfocus.com/bid/1948 •