返回 CVE 浏览器

CVE-2005-2103

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1130%

EPSS Percentile2.29th

Published2005年8月16日

Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.

Affected Platforms (CPE)

📦

Gaim Project

Gaim

< 1.5.0

References & Advisories

🔗 http://gaim.sourceforge.net/security/?id=22

🔗 http://www.novell.com/linux/security/advisories/2005_19_sr.html

🔗 http://www.redhat.com/support/errata/RHSA-2005-589.html

🔗 http://www.redhat.com/support/errata/RHSA-2005-627.html

🔗 http://www.securityfocus.com/archive/1/426078/100/0/threaded

🔗 http://www.securityfocus.com/bid/14531

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477

🔗 https://usn.ubuntu.com/168-1/

相关漏洞威胁

CVE-2009-269410.0

The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2...

CVE-2004-089110.0

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (applicati...

CVE-2000-117210.0

Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and pos...

CVE-2004-00059.8

Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via...