MidnightBSD

Advisories for gaim-encryption

CVE-2003-0163 MEDIUM

decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gaim-encryption gaim-encryption 1.14
gaim-encryption gaim-encryption 1.15
gaim-encryption gaim-encryption 1.13
CVE-2005-4693 MEDIUM

Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, possibly involving the GE_received_key function in keys.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gaim-encryption gaim-encryption 2.38_1