CVE-2004-0785
Last modified
CVE-2004-0785 is a vulnerability of currently unknown severity. Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.. EPSS estimates a 5.43% chance of exploitation in the next 30 days.
Description
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rob Flynn | Gaim | 0.10 |
| Rob Flynn | Gaim | 0.10.3 |
| Rob Flynn | Gaim | 0.50 |
| Rob Flynn | Gaim | 0.51 |
| Rob Flynn | Gaim | 0.52 |
| Rob Flynn | Gaim | 0.53 |
| Rob Flynn | Gaim | 0.54 |
| Rob Flynn | Gaim | 0.55 |
| Rob Flynn | Gaim | 0.56 |
| Rob Flynn | Gaim | 0.57 |
| Rob Flynn | Gaim | 0.58 |
| Rob Flynn | Gaim | 0.59 |
| Rob Flynn | Gaim | 0.59.1 |
| Rob Flynn | Gaim | 0.60 |
| Rob Flynn | Gaim | 0.61 |
| Rob Flynn | Gaim | 0.62 |
| Rob Flynn | Gaim | 0.63 |
| Rob Flynn | Gaim | 0.64 |
| Rob Flynn | Gaim | 0.65 |
| Rob Flynn | Gaim | 0.66 |
| Rob Flynn | Gaim | 0.67 |
| Rob Flynn | Gaim | 0.68 |
| Rob Flynn | Gaim | 0.69 |
| Rob Flynn | Gaim | 0.70 |
| Rob Flynn | Gaim | 0.71 |
| Rob Flynn | Gaim | 0.72 |
| Rob Flynn | Gaim | 0.73 |
| Rob Flynn | Gaim | 0.74 |
| Rob Flynn | Gaim | 0.75 |
References
- http://gaim.sourceforge.net/security/?id=3Patch, Vendor Advisory
- http://www.fedoranews.org/updates/FEDORA-2004-278.shtmlPatch, Vendor Advisory
- http://www.fedoranews.org/updates/FEDORA-2004-279.shtmlPatch, Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200408-27.xmlVendor Advisory
- http://gaim.sourceforge.net/security/?id=3Patch, Vendor Advisory
- http://www.fedoranews.org/updates/FEDORA-2004-278.shtmlPatch, Vendor Advisory
- http://www.fedoranews.org/updates/FEDORA-2004-279.shtmlPatch, Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200408-27.xmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-0785?
How severe is CVE-2004-0785?
How do I fix CVE-2004-0785?
Are you affected by CVE-2004-0785?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST