Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
Max CVSS
5.0
EPSS Score
5.26%
Published
2005-07-26
Updated
2018-10-19
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
Max CVSS
5.0
EPSS Score
3.36%
Published
2005-08-16
Updated
2018-10-19
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
Max CVSS
5.0
EPSS Score
4.17%
Published
2005-05-19
Updated
2018-10-19
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
Max CVSS
5.0
EPSS Score
5.02%
Published
2005-06-16
Updated
2018-10-19
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
Max CVSS
5.0
EPSS Score
3.36%
Published
2005-05-11
Updated
2018-10-19
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
Max CVSS
7.5
EPSS Score
21.25%
Published
2005-05-11
Updated
2018-10-19
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
Max CVSS
5.0
EPSS Score
4.02%
Published
2005-05-02
Updated
2018-10-19
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
Max CVSS
6.4
EPSS Score
3.84%
Published
2005-05-02
Updated
2018-10-19
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
2.38%
Published
2005-05-02
Updated
2018-10-19
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
Max CVSS
5.0
EPSS Score
0.29%
Published
2005-05-02
Updated
2016-10-18
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Max CVSS
5.0
EPSS Score
7.91%
Published
2005-03-14
Updated
2018-10-19
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
Max CVSS
5.0
EPSS Score
5.53%
Published
2005-03-14
Updated
2018-10-19
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
Max CVSS
5.0
EPSS Score
7.80%
Published
2005-05-02
Updated
2018-10-19
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
Max CVSS
10.0
EPSS Score
8.82%
Published
2005-01-27
Updated
2017-10-11
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!