CVE-2004-0784

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

Affected Software

Name	Vendor	Start Version	End Version
Gaim	Rob_flynn	0.10 (including)	0.10 (including)
Gaim	Rob_flynn	0.10.3 (including)	0.10.3 (including)
Gaim	Rob_flynn	0.50 (including)	0.50 (including)
Gaim	Rob_flynn	0.51 (including)	0.51 (including)
Gaim	Rob_flynn	0.52 (including)	0.52 (including)
Gaim	Rob_flynn	0.53 (including)	0.53 (including)
Gaim	Rob_flynn	0.54 (including)	0.54 (including)
Gaim	Rob_flynn	0.55 (including)	0.55 (including)
Gaim	Rob_flynn	0.56 (including)	0.56 (including)
Gaim	Rob_flynn	0.57 (including)	0.57 (including)
Gaim	Rob_flynn	0.58 (including)	0.58 (including)
Gaim	Rob_flynn	0.59 (including)	0.59 (including)
Gaim	Rob_flynn	0.59.1 (including)	0.59.1 (including)
Gaim	Rob_flynn	0.60 (including)	0.60 (including)
Gaim	Rob_flynn	0.61 (including)	0.61 (including)
Gaim	Rob_flynn	0.62 (including)	0.62 (including)
Gaim	Rob_flynn	0.63 (including)	0.63 (including)
Gaim	Rob_flynn	0.64 (including)	0.64 (including)
Gaim	Rob_flynn	0.65 (including)	0.65 (including)
Gaim	Rob_flynn	0.66 (including)	0.66 (including)
Gaim	Rob_flynn	0.67 (including)	0.67 (including)
Gaim	Rob_flynn	0.68 (including)	0.68 (including)
Gaim	Rob_flynn	0.69 (including)	0.69 (including)
Gaim	Rob_flynn	0.70 (including)	0.70 (including)
Gaim	Rob_flynn	0.71 (including)	0.71 (including)
Gaim	Rob_flynn	0.72 (including)	0.72 (including)
Gaim	Rob_flynn	0.73 (including)	0.73 (including)
Gaim	Rob_flynn	0.74 (including)	0.74 (including)
Gaim	Rob_flynn	0.75 (including)	0.75 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0784
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References