CVE-2004-0891: Buffer Overflow
First published: Thu Oct 21 2004(Updated: )
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rob Flynn Gaim | =0.71 | |
| Rob Flynn Gaim | =0.10.3 | |
| Rob Flynn Gaim | =0.61 | |
| Rob Flynn Gaim | =0.82.1 | |
| Rob Flynn Gaim | =0.53 | |
| Rob Flynn Gaim | =0.73 | |
| Rob Flynn Gaim | =1.0 | |
| Rob Flynn Gaim | =0.60 | |
| Rob Flynn Gaim | =1.0.1 | |
| Rob Flynn Gaim | =0.69 | |
| Rob Flynn Gaim | =0.52 | |
| Rob Flynn Gaim | =0.72 | |
| Rob Flynn Gaim | =0.65 | |
| Rob Flynn Gaim | =0.59 | |
| Rob Flynn Gaim | =0.62 | |
| Rob Flynn Gaim | =0.78 | |
| Rob Flynn Gaim | =0.74 | |
| Rob Flynn Gaim | =0.51 | |
| Rob Flynn Gaim | =0.56 | |
| Rob Flynn Gaim | =0.54 | |
| Rob Flynn Gaim | =0.55 | |
| Rob Flynn Gaim | =0.82 | |
| Rob Flynn Gaim | =0.68 | |
| Rob Flynn Gaim | =0.67 | |
| Rob Flynn Gaim | =0.10 | |
| Rob Flynn Gaim | =0.59.1 | |
| Rob Flynn Gaim | =0.70 | |
| Rob Flynn Gaim | =0.50 | |
| Rob Flynn Gaim | =0.66 | |
| Rob Flynn Gaim | =0.63 | |
| Rob Flynn Gaim | =0.64 | |
| Rob Flynn Gaim | =0.58 | |
| Rob Flynn Gaim | =0.75 | |
| Rob Flynn Gaim | =0.57 | |
| Slackware Slackware Linux | =9.0 | |
| Slackware Slackware Linux | =10.0 | |
| Ubuntu Ubuntu Linux | =4.1 | |
| Slackware Slackware Linux | =9.1 | |
| Slackware Slackware Linux | =current | |
| Gentoo Linux | =1.4 | |
| Ubuntu Ubuntu Linux | =4.1 | |
| Gentoo Linux | ||
| ubuntu/gaim | <1.5.0+1.5.1 | 1.5.0+1.5.1 |
| ubuntu/gaim | <1.5.0+1.5.1 | 1.5.0+1.5.1 |
| ubuntu/gaim | <1.5.0+1.5.1 | 1.5.0+1.5.1 |
| debian/gaim |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2004-604.html
- http://gaim.sourceforge.net/security/?id=9
- https://bugzilla.fedora.us/show_bug.cgi?id=2188
- http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml
- https://www.ubuntu.com/usn/usn-8-1/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17790
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17786
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790
- https://ubuntu.com/security/notices/USN-8-1
- https://www.cve.org/CVERecord?id=CVE-2004-0891
- https://nvd.nist.gov/vuln/detail/CVE-2004-0891
- https://launchpad.net/bugs/cve/CVE-2004-0891
- https://security-tracker.debian.org/tracker/CVE-2004-0891
- https://ubuntu.com/security/CVE-2004-0891
- collector/nvd-historical
- vendor/rob flynn
- product/gaim
- canonical/rob flynn gaim
- vendor/slackware
- product/slackware linux
- canonical/slackware slackware linux
- vendor/ubuntu
- product/ubuntu linux
- canonical/ubuntu ubuntu linux
- vendor/gentoo
- product/linux
- canonical/gentoo linux
- collector/nvd-index
- agent/type
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-cve
- source/NVD
- collector/security-tracker-debian
- source/Debian
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/rob flynn gaim/0.71
- version/rob flynn gaim/0.10.3
- version/rob flynn gaim/0.61
- version/rob flynn gaim/0.82.1
- version/rob flynn gaim/0.53
- version/rob flynn gaim/0.73
- version/rob flynn gaim/1.0
- version/rob flynn gaim/0.60
- version/rob flynn gaim/1.0.1
- version/rob flynn gaim/0.69
- version/rob flynn gaim/0.52
- version/rob flynn gaim/0.72
- version/rob flynn gaim/0.65
- version/rob flynn gaim/0.59
- version/rob flynn gaim/0.62
- version/rob flynn gaim/0.78
- version/rob flynn gaim/0.74
- version/rob flynn gaim/0.51
- version/rob flynn gaim/0.56
- version/rob flynn gaim/0.54
- version/rob flynn gaim/0.55
- version/rob flynn gaim/0.82
- version/rob flynn gaim/0.68
- version/rob flynn gaim/0.67
- version/rob flynn gaim/0.10
- version/rob flynn gaim/0.59.1
- version/rob flynn gaim/0.70
- version/rob flynn gaim/0.50
- version/rob flynn gaim/0.66
- version/rob flynn gaim/0.63
- version/rob flynn gaim/0.64
- version/rob flynn gaim/0.58
- version/rob flynn gaim/0.75
- version/rob flynn gaim/0.57
- version/slackware slackware linux/9.0
- version/slackware slackware linux/10.0
- version/ubuntu ubuntu linux/4.1
- version/slackware slackware linux/9.1
- version/slackware slackware linux/current
- version/gentoo linux/1.4
- package-manager/ubuntu
- package-manager/debian