The Gaim application is a multi-protocol instant messaging client.
A stack based buffer overflow bug was found in the way gaim processes a
message containing a URL. A remote attacker could send a carefully crafted
message resulting in the execution of arbitrary code on a victim’s machine.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1261 to this issue.
A bug was found in the way gaim handles malformed MSN messages. A remote
attacker could send a carefully crafted MSN message causing gaim to crash.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1262 to this issue.
Users of Gaim are advised to upgrade to this updated package which contains
backported patches and is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | i386 | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.i386.rpm |
RedHat | 4 | ia64 | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.ia64.rpm |
RedHat | 4 | ppc | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.ppc.rpm |
RedHat | 4 | x86_64 | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.x86_64.rpm |
RedHat | 4 | s390 | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.s390.rpm |
RedHat | 4 | src | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.src.rpm |
RedHat | 4 | s390x | gaim | < 1.2.1-6.el4 | gaim-1.2.1-6.el4.s390x.rpm |