FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- buffer overflow in MSN protocol support

Affected packages
0.79 <= gaim <= 1.0.1
0.79 <= ja-gaim <= 1.0.1
0.79 <= ru-gaim <= 1.0.1
20030000 < gaim

Details

VuXML ID 1e6c4008-245f-11d9-b584-0050fc56d258
Discovery 2004-10-19
Entry 2004-10-25

Due to a buffer overflow in the MSN protocol support for gaim 0.79 to 1.0.1, it is possible for remote clients to do a denial-of-service attack on the application. This is caused by an unbounded copy operation, which writes to the wrong buffer.

References

CVE Name CVE-2004-0891
URL http://gaim.sourceforge.net/security/?id=9

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.