MidnightBSD

Advisories for rob_flynn

CVE-2000-1172 HIGH

Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.10
rob_flynn gaim 0.10.3
CVE-2002-0377 LOW

Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.57
CVE-2002-0384 HIGH

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.56
rob_flynn gaim 0.52
rob_flynn gaim 0.51
rob_flynn gaim 0.55
rob_flynn gaim 0.57
CVE-2002-0989 HIGH

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.56
rob_flynn gaim 0.58
rob_flynn gaim 0.52
rob_flynn gaim 0.59
rob_flynn gaim 0.51
rob_flynn gaim 0.55
rob_flynn gaim 0.57
CVE-2004-0006 HIGH

Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim *
ultramagnetic ultramagnetic *
CVE-2004-0007 HIGH

Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim *
ultramagnetic ultramagnetic *
CVE-2004-0008 HIGH

Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim *
ultramagnetic ultramagnetic *
CVE-2004-0500 HIGH

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
mandrakesoft mandrake_linux 9.2
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.59.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
mandrakesoft mandrake_linux 10.0
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.68
gentoo linux 1.4
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
CVE-2004-0754 HIGH

Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.59.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.68
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
CVE-2004-0784 HIGH

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.59.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.68
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
CVE-2004-0785 HIGH

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.59.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.68
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
CVE-2004-0891 HIGH

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
gentoo linux *
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
slackware slackware_linux 10.0
ubuntu ubuntu_linux 4.1
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.82
rob_flynn gaim 0.59.1
rob_flynn gaim 1.0
rob_flynn gaim 0.82.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
slackware slackware_linux 9.1
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 1.0.1
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
slackware slackware_linux current
rob_flynn gaim 0.78
rob_flynn gaim 0.68
gentoo linux 1.4
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
slackware slackware_linux 9.0
CVE-2004-2589 MEDIUM

Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.73
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.79
rob_flynn gaim 0.51
rob_flynn gaim 0.10.3
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.62
rob_flynn gaim 0.77
rob_flynn gaim 0.82
rob_flynn gaim 0.80
rob_flynn gaim 0.59.1
rob_flynn gaim 0.74
rob_flynn gaim 0.52
rob_flynn gaim 0.59
rob_flynn gaim 0.76
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.53
rob_flynn gaim 0.54
rob_flynn gaim 0.58
rob_flynn gaim 0.50
rob_flynn gaim 0.72
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.81
rob_flynn gaim 0.78
rob_flynn gaim 0.68
rob_flynn gaim 0.70
rob_flynn gaim 0.60
rob_flynn gaim 0.66
rob_flynn gaim 0.55
CVE-2005-0208 MEDIUM

The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
rob_flynn gaim 1.1.1
rob_flynn gaim 1.1.0
rob_flynn gaim 1.1.2
CVE-2005-0472 MEDIUM

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux_desktop 4.0
rob_flynn gaim 1.0.1
rob_flynn gaim 1.1.1
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 4.0
rob_flynn gaim 1.1.2
mandrakesoft mandrake_linux 10.0
rob_flynn gaim 1.0
CVE-2005-0473 MEDIUM

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux_desktop 4.0
rob_flynn gaim 1.0.1
rob_flynn gaim 1.1.1
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 4.0
rob_flynn gaim 1.1.2
mandrakesoft mandrake_linux 10.0
rob_flynn gaim 1.0
CVE-2005-0573 MEDIUM

Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
CVE-2005-0965 MEDIUM

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.2.0
CVE-2005-0966 MEDIUM

The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.2.0
CVE-2005-0967 MEDIUM

Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.2.0
CVE-2005-1261 HIGH

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 1.0.3
rob_flynn gaim 0.62
rob_flynn gaim 0.77
rob_flynn gaim 0.59.1
rob_flynn gaim 0.52
rob_flynn gaim 0.76
rob_flynn gaim 1.1.2
rob_flynn gaim 0.71
rob_flynn gaim 0.53
rob_flynn gaim 1.1.4
rob_flynn gaim 1.0.1
rob_flynn gaim 0.50
rob_flynn gaim 1.1.0
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.81
rob_flynn gaim 0.68
rob_flynn gaim 1.2.0
rob_flynn gaim 0.66
rob_flynn gaim 0.55
rob_flynn gaim 0.73
rob_flynn gaim 0.79
rob_flynn gaim 0.10.3
rob_flynn gaim 1.0.0
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.82
rob_flynn gaim 0.80
rob_flynn gaim 0.82.1
rob_flynn gaim 0.74
rob_flynn gaim 1.1.1
rob_flynn gaim 0.59
rob_flynn gaim 1.0.2
rob_flynn gaim 0.57
rob_flynn gaim 0.54
rob_flynn gaim 1.2.1
rob_flynn gaim 0.58
rob_flynn gaim 0.72
rob_flynn gaim 0.78
rob_flynn gaim 0.70
rob_flynn gaim 0.60
CVE-2005-1262 MEDIUM

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 1.0.3
rob_flynn gaim 0.62
rob_flynn gaim 0.77
rob_flynn gaim 0.59.1
rob_flynn gaim 0.52
rob_flynn gaim 0.76
rob_flynn gaim 1.1.2
rob_flynn gaim 0.71
rob_flynn gaim 0.53
rob_flynn gaim 1.1.4
rob_flynn gaim 1.0.1
rob_flynn gaim 0.50
rob_flynn gaim 1.1.0
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.81
rob_flynn gaim 0.68
rob_flynn gaim 1.2.0
rob_flynn gaim 0.66
rob_flynn gaim 0.55
rob_flynn gaim 0.73
rob_flynn gaim 0.79
rob_flynn gaim 0.10.3
rob_flynn gaim 1.0.0
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.82
rob_flynn gaim 0.80
rob_flynn gaim 0.82.1
rob_flynn gaim 0.74
rob_flynn gaim 1.1.1
rob_flynn gaim 0.59
rob_flynn gaim 1.0.2
rob_flynn gaim 0.57
rob_flynn gaim 0.54
rob_flynn gaim 1.2.1
rob_flynn gaim 0.58
rob_flynn gaim 0.72
rob_flynn gaim 0.78
rob_flynn gaim 0.70
rob_flynn gaim 0.60
CVE-2005-1269 MEDIUM

Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
rob_flynn gaim 0.10
rob_flynn gaim 0.65
rob_flynn gaim 0.75
rob_flynn gaim 0.51
rob_flynn gaim 0.56
rob_flynn gaim 0.64
rob_flynn gaim 1.0.3
rob_flynn gaim 0.62
rob_flynn gaim 0.77
rob_flynn gaim 0.59.1
rob_flynn gaim 0.52
rob_flynn gaim 0.76
rob_flynn gaim 1.1.2
rob_flynn gaim 0.71
rob_flynn gaim 0.53
rob_flynn gaim 1.1.4
rob_flynn gaim 1.0.1
rob_flynn gaim 0.50
rob_flynn gaim 1.1.0
rob_flynn gaim 0.67
rob_flynn gaim 0.61
rob_flynn gaim 0.81
rob_flynn gaim 0.68
rob_flynn gaim 1.2.0
rob_flynn gaim 0.66
rob_flynn gaim 0.55
rob_flynn gaim 0.73
rob_flynn gaim 0.79
rob_flynn gaim 0.10.3
rob_flynn gaim 1.0.0
rob_flynn gaim 0.63
rob_flynn gaim 0.69
rob_flynn gaim 0.82
rob_flynn gaim 0.80
rob_flynn gaim 1.0
rob_flynn gaim 0.82.1
rob_flynn gaim 0.74
rob_flynn gaim 1.1.1
rob_flynn gaim 0.59
rob_flynn gaim 1.3.0
rob_flynn gaim 1.0.2
rob_flynn gaim 0.57
rob_flynn gaim 0.54
rob_flynn gaim 1.2.1
rob_flynn gaim 0.58
rob_flynn gaim 0.72
rob_flynn gaim 0.78
rob_flynn gaim 0.70
rob_flynn gaim 0.60
CVE-2005-1934 MEDIUM

Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim *
CVE-2005-2102 MEDIUM

The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.3
rob_flynn gaim 1.1.1
rob_flynn gaim 1.3.0
rob_flynn gaim 1.0.2
rob_flynn gaim 1.1.2
rob_flynn gaim 1.0.0
rob_flynn gaim 1.1.4
rob_flynn gaim 1.0.1
rob_flynn gaim 1.2.1
rob_flynn gaim 1.1.0
rob_flynn gaim 1.0.3
rob_flynn gaim 1.2.0
rob_flynn gaim 1.0
CVE-2005-2370 MEDIUM

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
ekg ekg 1.4
ekg ekg 1.3
ekg ekg 1.5
rob_flynn gaim *
ekg ekg 1.1
ekg ekg 2005-06-05
ekg ekg 2005-04-11
ekg ekg 1.6_rc1