Gaim

gaim

Vendor: Rob Flynn • 26 CVEs

CVEs (26)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-2102 1Rob Flynn 1Gaim Apr 16, 2026 Aug 16, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
CVE-2005-2370 2Ekg Rob Flynn 2Ekg Gaim Apr 16, 2026 Jul 26, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC...Show more Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.Show less
CVE-2005-1269 1Rob Flynn 1Gaim Apr 16, 2026 Jun 16, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
CVE-2005-1934 1Rob Flynn 1Gaim Apr 16, 2026 May 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
CVE-2005-1262 1Rob Flynn 1Gaim Apr 16, 2026 May 11, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
CVE-2005-1261 1Rob Flynn 1Gaim Apr 16, 2026 May 11, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
CVE-2005-0967 1Rob Flynn 1Gaim Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
CVE-2005-0966 1Rob Flynn 1Gaim Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject...Show more The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.Show less
CVE-2005-0965 1Rob Flynn 1Gaim Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of...Show more The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.Show less
CVE-2005-0573 1Rob Flynn 1Gaim Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
CVE-2005-0208 1Rob Flynn 1Gaim Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0...Show more The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.Show less
CVE-2005-0473 3Mandrakesoft RedhatRob Flynn 5Enterprise Linux Enterprise Linux DesktopGaim+2 more Apr 16, 2026 Mar 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0...Show more The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.Show less
CVE-2005-0472 3Mandrakesoft RedhatRob Flynn 5Enterprise Linux Enterprise Linux DesktopGaim+2 more Apr 16, 2026 Mar 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2004-0891 4Gentoo Rob FlynnSlackware+1 more 4Gaim LinuxSlackware Linux+1 more Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messag...Show more Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.Show less
CVE-2004-2589 1Rob Flynn 1Gaim Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
CVE-2004-0785 1Rob Flynn 1Gaim Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as o...Show more Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.Show less
CVE-2004-0784 1Rob Flynn 1Gaim Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
CVE-2004-0754 1Rob Flynn 1Gaim Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
CVE-2004-0500 3Gentoo MandrakesoftRob Flynn 3Gaim LinuxMandrake Linux Apr 16, 2026 Sep 28, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are n...Show more Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.Show less
CVE-2004-0008 2Rob Flynn Ultramagnetic 2Gaim Ultramagnetic Apr 16, 2026 Mar 3, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer o...Show more Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.Show less

12 Next