CVE-2004-0891

critical

Description

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.

References

https://www.ubuntu.com/usn/usn-8-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790

https://exchange.xforce.ibmcloud.com/vulnerabilities/17790

https://exchange.xforce.ibmcloud.com/vulnerabilities/17787

https://exchange.xforce.ibmcloud.com/vulnerabilities/17786

https://bugzilla.fedora.us/show_bug.cgi?id=2188

http://www.redhat.com/support/errata/RHSA-2004-604.html

http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml

http://gaim.sourceforge.net/security/?id=9

Details

Source: Mitre, NVD

Published: 2005-01-27

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical