CVE-2004-2589
UnknownEPSS 1.54%
Last modified
CVE-2004-2589 is a vulnerability of currently unknown severity. Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.. EPSS estimates a 1.54% chance of exploitation in the next 30 days.
Description
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rob Flynn | Gaim | 0.10 |
| Rob Flynn | Gaim | 0.10.3 |
| Rob Flynn | Gaim | 0.50 |
| Rob Flynn | Gaim | 0.51 |
| Rob Flynn | Gaim | 0.52 |
| Rob Flynn | Gaim | 0.53 |
| Rob Flynn | Gaim | 0.54 |
| Rob Flynn | Gaim | 0.55 |
| Rob Flynn | Gaim | 0.56 |
| Rob Flynn | Gaim | 0.57 |
| Rob Flynn | Gaim | 0.58 |
| Rob Flynn | Gaim | 0.59 |
| Rob Flynn | Gaim | 0.59.1 |
| Rob Flynn | Gaim | 0.60 |
| Rob Flynn | Gaim | 0.61 |
| Rob Flynn | Gaim | 0.62 |
| Rob Flynn | Gaim | 0.63 |
| Rob Flynn | Gaim | 0.64 |
| Rob Flynn | Gaim | 0.65 |
| Rob Flynn | Gaim | 0.66 |
| Rob Flynn | Gaim | 0.67 |
| Rob Flynn | Gaim | 0.68 |
| Rob Flynn | Gaim | 0.69 |
| Rob Flynn | Gaim | 0.70 |
| Rob Flynn | Gaim | 0.71 |
| Rob Flynn | Gaim | 0.72 |
| Rob Flynn | Gaim | 0.73 |
| Rob Flynn | Gaim | 0.74 |
| Rob Flynn | Gaim | 0.75 |
| Rob Flynn | Gaim | 0.76 |
| Rob Flynn | Gaim | 0.77 |
| Rob Flynn | Gaim | 0.78 |
| Rob Flynn | Gaim | 0.79 |
| Rob Flynn | Gaim | 0.80 |
| Rob Flynn | Gaim | 0.81 |
| Rob Flynn | Gaim | 0.82 |
References
- http://secunia.com/advisories/12383Patch, Vendor Advisory
- http://secunia.com/advisories/12383Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-2589?
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
How severe is CVE-2004-2589?
Severity scoring for CVE-2004-2589 is pending analysis. The EPSS model estimates a 1.54% probability of exploitation in the next 30 days.
How do I fix CVE-2004-2589?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2004-2589?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST