CVE-2004-0007

Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Affected Software

References

• http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html
• http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000813
• http://marc.info/?l=bugtraq\u0026m=107513690306318\u0026w=2
• http://marc.info/?l=bugtraq\u0026m=107522432613022\u0026w=2
• http://security.e-matters.de/advisories/012004.html
• http://security.gentoo.org/glsa/glsa-200401-04.xml
• http://ultramagnetic.sourceforge.net/advisories/001.html
• http://www.debian.org/security/2004/dsa-434
• http://www.kb.cert.org/vuls/id/197142
• http://www.mandriva.com/security/advisories?name=MDKSA-2004:006
• http://www.osvdb.org/3733
• http://www.redhat.com/support/errata/RHSA-2004-032.html
• http://www.redhat.com/support/errata/RHSA-2004-033.html
• http://www.securityfocus.com/advisories/6281
• http://www.securityfocus.com/bid/9489
• http://www.securitytracker.com/id?1008850
• http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.361158
• https://exchange.xforce.ibmcloud.com/vulnerabilities/14946
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906