CVE-2004-0891

NONE EPSS 93.3%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.

Threat Intelligence

EPSS Exploit Probability
93.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 42

VendorProductVersionRange
rob_flynngaim0.10any
rob_flynngaim0.10.3any
rob_flynngaim0.50any
rob_flynngaim0.51any
rob_flynngaim0.52any
rob_flynngaim0.53any
rob_flynngaim0.54any
rob_flynngaim0.55any
rob_flynngaim0.56any
rob_flynngaim0.57any
rob_flynngaim0.58any
rob_flynngaim0.59any
rob_flynngaim0.59.1any
rob_flynngaim0.60any
rob_flynngaim0.61any
rob_flynngaim0.62any
rob_flynngaim0.63any
rob_flynngaim0.64any
rob_flynngaim0.65any
rob_flynngaim0.66any
rob_flynngaim0.67any
rob_flynngaim0.68any
rob_flynngaim0.69any
rob_flynngaim0.70any
rob_flynngaim0.71any
rob_flynngaim0.72any
rob_flynngaim0.73any
rob_flynngaim0.74any
rob_flynngaim0.75any
rob_flynngaim0.78any
rob_flynngaim0.82any
rob_flynngaim0.82.1any
rob_flynngaim1.0any
rob_flynngaim1.0.1any
gentoolinux*any
gentoolinux1.4any
slackwareslackware_linux9.0any
slackwareslackware_linux9.1any
slackwareslackware_linux10.0any
slackwareslackware_linuxcurrentany
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux4.1any

References 9

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.