FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- malicious smiley themes

Affected packages
gaim < 0.82
ja-gaim < 0.82
ko-gaim < 0.82
ru-gaim < 0.82
20030000 < gaim

Details

VuXML ID 635bf5f4-26b7-11d9-9289-000c41e2cdad
Discovery 2004-08-22
Entry 2004-10-25

The Gaim Security Issues page documents a problem with installing smiley themes from an untrusted source:

To install a new smiley theme, a user can drag a tarball from a graphical file manager, or a hypertext link to one from a web browser. When a tarball is dragged, Gaim executes a shell command to untar it. However, it does not escape the filename before sending it to the shell. Thus, a specially crafted filename could execute arbitrary commands if the user could be convinced to drag a file into the smiley theme selector.
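The escaping step the quoted advisory says was missing, shown as an added example (this is not Gaim's code or its actual fix). The helper names `sh_quote` and `build_untar_cmd`, the `tar` command line, and the sample filename are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Quote s for POSIX sh: wrap it in single quotes and rewrite each embedded
 * ' as '\'' so the shell sees exactly one literal word.
 * Returns a malloc'd string, or NULL on allocation failure. */
char *sh_quote(const char *s)
{
    size_t len = 2;                       /* opening + closing quote */
    for (const char *p = s; *p; p++)
        len += (*p == '\'') ? 4 : 1;
    char *out = malloc(len + 1);
    if (!out) return NULL;
    char *o = out;
    *o++ = '\'';
    for (const char *p = s; *p; p++) {
        if (*p == '\'') { memcpy(o, "'\\''", 4); o += 4; }
        else *o++ = *p;
    }
    *o++ = '\'';
    *o = '\0';
    return out;
}

/* Hypothetical helper: build the untar command with both paths quoted.
 * Returns 0 on success, -1 if quoting failed or buf is too small. */
int build_untar_cmd(char *buf, size_t n, const char *tarball, const char *dest)
{
    char *qt = sh_quote(tarball), *qd = sh_quote(dest);
    int rc = -1;
    if (qt && qd) {
        int w = snprintf(buf, n, "tar -xzf %s -C %s", qt, qd);
        rc = (w >= 0 && (size_t)w < n) ? 0 : -1;
    }
    free(qt);
    free(qd);
    return rc;
}

int main(void)
{
    char cmd[512]; /* the sample filename below is constructed */
    if (build_untar_cmd(cmd, sizeof cmd, "theme; it's.tar.gz", "/tmp/smileys") == 0)
        puts(cmd);
    return 0;
}
```

Passing the filename as its own `argv` element to `execvp` avoids the shell altogether and removes the need for quoting.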

References

CVE Name CVE-2004-0784
URL http://gaim.sourceforge.net/security/?id=1