The Gaim application is a multi-protocol instant messaging client.
Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo! Messenger
file transfers. It is possible for a malicious user to send a specially
crafted file transfer request that causes Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1269 to this issue.
Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim parses
MSN Messenger messages. It is possible for a malicious user to send a
specially crafted MSN Messenger message that causes Gaim to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-1934 to this issue.
Users of gaim are advised to upgrade to this updated package, which contains
version 1.3.1 and is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ppc | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.ppc.rpm |
RedHat | 4 | ia64 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.ia64.rpm |
RedHat | 4 | s390 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.s390.rpm |
RedHat | 4 | s390x | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.s390x.rpm |
RedHat | 4 | i386 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.i386.rpm |
RedHat | 4 | src | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.src.rpm |
RedHat | 4 | x86_64 | gaim | < 1.3.1-0.el4 | gaim-1.3.1-0.el4.x86_64.rpm |