CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.

🔗 References (40)

• cve@mitrehttp://gaim.sourceforge.net/security/?id=3
• cve@mitrehttp://gaim.sourceforge.net/security/?id=4
• cve@mitrehttp://gaim.sourceforge.net/security/?id=5
• cve@mitrehttp://secunia.com/advisories/12383
• cve@mitrehttp://secunia.com/advisories/12480
• cve@mitrehttp://secunia.com/advisories/12929
• cve@mitrehttp://secunia.com/advisories/13101
• cve@mitrehttp://securitytracker.com/id?1011083
• cve@mitrehttp://www.fedoranews.org/updates/FEDORA-2004-278.shtml
• cve@mitrehttp://www.fedoranews.org/updates/FEDORA-2004-279.shtml
• cve@mitrehttp://www.gentoo.org/security/en/glsa/glsa-200408-27.xml
• cve@mitrehttp://www.osvdb.org/9261
• cve@mitrehttp://www.osvdb.org/9262
• cve@mitrehttp://www.osvdb.org/9263
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2004-400.html