Vulnerability Details : CVE-2005-1261
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-1261
- cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1261
18.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-1261
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-1261
-
http://www.securityfocus.com/bid/13590
-
http://www.securityfocus.com/archive/1/426078/100/0/threaded
-
http://www.redhat.com/support/errata/RHSA-2005-432.html
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725
-
http://www.vupen.com/english/advisories/2005/0519
-
http://www.redhat.com/support/errata/RHSA-2005-429.html
Vendor Advisory
-
http://gaim.sourceforge.net/security/index.php?id=16
Patch;Vendor Advisory
Jump to