CVE-2005-1261

Properties

Published:
10.05.2005
Updated:
21.08.2010
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim
rob_flynn: gaim

Vulnerability description

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

References:

CONFIRM: http://gaim.sourceforge.net/security/index.php?id=16
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-432.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-429.html
VUPEN: http://www.frsirt.com/english/advisories/2005/0519
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10725
BID: http://www.securityfocus.com/bid/13590
FEDORA: http://www.securityfocus.com/archive/1/archive/1/426078/100/0/threaded