CVE Vulnerabilities

CVE-2004-0006

Published: Mar 03, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.

Affected Software

Name Vendor Start Version End Version
Gaim Rob_flynn * 0.75 (including)
Ultramagnetic Ultramagnetic * 0.81 (including)
Gaim Ubuntu dapper *
Gaim Ubuntu edgy *
Gaim Ubuntu feisty *
Red Hat Enterprise Linux 3 RedHat gaim *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux 9 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References