CVE-2004-0500

Severity

75%

Complexity

99%

Confidentiality

106%

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 20 years ago

2004-09-28 04:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Gentoo Linux 1.4

1.4

MandrakeSoft Mandrake Linux 9.2

9.2

MandrakeSoft Mandrake Linux 10.0

10.0

References

http://gaim.sourceforge.net/security/?id=0

FEDORA-2004-278

FEDORA-2004-279

GLSA-200408-12

Patch, Vendor Advisory

GLSA-200408-27

MDKSA-2004:081

SUSE-SA:2004:025

RHSA-2004:400

10865

Patch, Vendor Advisory

gaim-msn-bo(16920)

oval:org.mitre.oval:def:9429

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.