CVE-2004-0500

Published: Sep 28, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Affected (34)

Products: Rob Flynn: Gaim · Gentoo: Linux · Mandrakesoft: Mandrake Linux

1 product

1 product

1 product

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Rob Flynn Gaim	Version 0.10.3
Rob Flynn Gaim	Version 0.10
Rob Flynn Gaim	Version 0.50
Rob Flynn Gaim	Version 0.51
Rob Flynn Gaim	Version 0.52
Rob Flynn Gaim	Version 0.53
Rob Flynn Gaim	Version 0.54
Rob Flynn Gaim	Version 0.55
Rob Flynn Gaim	Version 0.56
Rob Flynn Gaim	Version 0.57
Rob Flynn Gaim	Version 0.58
Rob Flynn Gaim	Version 0.59.1
Rob Flynn Gaim	Version 0.59
Rob Flynn Gaim	Version 0.60
Rob Flynn Gaim	Version 0.61
Rob Flynn Gaim	Version 0.62
Rob Flynn Gaim	Version 0.63
Rob Flynn Gaim	Version 0.64
Rob Flynn Gaim	Version 0.65
Rob Flynn Gaim	Version 0.66
Rob Flynn Gaim	Version 0.67
Rob Flynn Gaim	Version 0.68
Rob Flynn Gaim	Version 0.69
Rob Flynn Gaim	Version 0.70
Rob Flynn Gaim	Version 0.71
Rob Flynn Gaim	Version 0.72
Rob Flynn Gaim	Version 0.73
Rob Flynn Gaim	Version 0.74
Rob Flynn Gaim	Version 0.75

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	Version 1.4
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux	Version 9.2

References (22)

http://gaim.sourceforge.net/security/?id=0

Source: cve@mitre.org

http://www.fedoranews.org/updates/FEDORA-2004-278.shtml

Source: cve@mitre.org

http://www.fedoranews.org/updates/FEDORA-2004-279.shtml

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml

Source: cve@mitre.org

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2004_25_gaim.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-400.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/10865

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16920

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429

Source: cve@mitre.org

http://gaim.sourceforge.net/security/?id=0

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.fedoranews.org/updates/FEDORA-2004-278.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.fedoranews.org/updates/FEDORA-2004-279.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2004_25_gaim.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-400.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/10865

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16920

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.