CVE-2004-0891
NONE EPSS 93.3%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
Threat Intelligence
EPSS Exploit Probability
93.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Affected Products 42
| Vendor | Product | Version | Range |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | any |
| rob_flynn | gaim | 0.10.3 | any |
| rob_flynn | gaim | 0.50 | any |
| rob_flynn | gaim | 0.51 | any |
| rob_flynn | gaim | 0.52 | any |
| rob_flynn | gaim | 0.53 | any |
| rob_flynn | gaim | 0.54 | any |
| rob_flynn | gaim | 0.55 | any |
| rob_flynn | gaim | 0.56 | any |
| rob_flynn | gaim | 0.57 | any |
| rob_flynn | gaim | 0.58 | any |
| rob_flynn | gaim | 0.59 | any |
| rob_flynn | gaim | 0.59.1 | any |
| rob_flynn | gaim | 0.60 | any |
| rob_flynn | gaim | 0.61 | any |
| rob_flynn | gaim | 0.62 | any |
| rob_flynn | gaim | 0.63 | any |
| rob_flynn | gaim | 0.64 | any |
| rob_flynn | gaim | 0.65 | any |
| rob_flynn | gaim | 0.66 | any |
| rob_flynn | gaim | 0.67 | any |
| rob_flynn | gaim | 0.68 | any |
| rob_flynn | gaim | 0.69 | any |
| rob_flynn | gaim | 0.70 | any |
| rob_flynn | gaim | 0.71 | any |
| rob_flynn | gaim | 0.72 | any |
| rob_flynn | gaim | 0.73 | any |
| rob_flynn | gaim | 0.74 | any |
| rob_flynn | gaim | 0.75 | any |
| rob_flynn | gaim | 0.78 | any |
| rob_flynn | gaim | 0.82 | any |
| rob_flynn | gaim | 0.82.1 | any |
| rob_flynn | gaim | 1.0 | any |
| rob_flynn | gaim | 1.0.1 | any |
| gentoo | linux | * | any |
| gentoo | linux | 1.4 | any |
| slackware | slackware_linux | 9.0 | any |
| slackware | slackware_linux | 9.1 | any |
| slackware | slackware_linux | 10.0 | any |
| slackware | slackware_linux | current | any |
| ubuntu | ubuntu_linux | 4.1 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
References 9
- gaim.sourceforge.net http://gaim.sourceforge.net/security/?id=9
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-604.html
- bugzilla.fedora.us https://bugzilla.fedora.us/show_bug.cgi?id=2188
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17786
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17787
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17790
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790
- ubuntu.com https://www.ubuntu.com/usn/usn-8-1/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.