Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-106-1
HistoryApr 05, 2005 - 12:00 a.m.

Gaim vulnerabilities

2005-04-0500:00:00
ubuntu.com
40

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.038

Percentile

91.9%

JSON

Releases

  • Ubuntu 4.10

Details

Jean-Yves Lefort discovered a buffer overflow in the
gaim_markup_strip_html() function. This caused Gaim to crash when
receiving certain malformed HTML messages. (CAN-2005-0965)

Jean-Yves Lefort also noticed that many functions that handle IRC
commands do not escape received HTML metacharacters; this allowed
remote attackers to cause a Denial of Service by injecting arbitrary
HTML code into the conversation window, popping up arbitrarily many
empty dialog boxes, or even causing Gaim to crash. (CAN-2005-0966)

OSVersionArchitecturePackageVersionFilename
Ubuntu4.10noarchgaim< *UNKNOWN

Related

nessus 9
openvas 7
redhat 1
gentoo 1
centos 1
freebsd 2
nvd 2
cvelist 2
cve 2
ubuntucve 2
suse 1
nessus
nessus
Fedora Core 2 : gaim-1.2.1-1.fc2 (2005-298)
2005-05-19 00:00:00
Fedora Core 3 : gaim-1.2.1-1.fc3 (2005-299)
2005-09-12 00:00:00
Ubuntu 4.10 : gaim vulnerabilities (USN-106-1)
2006-01-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-106-1)
2022-08-26 00:00:00
Gentoo Security Advisory GLSA 200504-05 (Gaim)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200504-05 (Gaim)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2005:365) gaim security update
2005-04-12 00:00:00
gentoo
gentoo
Gaim: Denial of Service issues
2005-04-06 00:00:00
centos
centos
gaim security update
2005-04-12 15:08:29
freebsd
freebsd
gaim -- remote DoS on receiving certain messages over IRC
2005-04-02 00:00:00
gaim -- remote DoS on receiving malformed HTML
2005-04-02 00:00:00
nvd
nvd
CVE-2005-0966
2005-05-02 04:00:00
CVE-2005-0965
2005-05-02 04:00:00
cvelist
cvelist
CVE-2005-0965
2005-04-04 04:00:00
CVE-2005-0966
2005-04-04 04:00:00
cve
cve
CVE-2005-0965
2005-05-02 04:00:00
CVE-2005-0966
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-0965
2005-05-02 00:00:00
CVE-2005-0966
2005-05-02 00:00:00
suse
suse
race condition, arbitrary code execution in sudo
2005-06-24 12:44:43

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.038

Percentile

91.9%

JSON
Related for USN-106-1
nessus9openvas7redhat1gentoo1centos1freebsd2nvd2cvelist2cve2ubuntucve2suse1