CVE-2004-0500
Gaim - Buffer Overflow in MSN Protocol Plugin via MSNSLP Messages
Title source: llmDescription
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
References (11)
Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16920
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-400.html
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10865
Mailing List vendor-advisory
x_refsource_fedora
http://www.fedoranews.org/updates/FEDORA-2004-278.shtml
Mailing List vendor-advisory
x_refsource_fedora
http://www.fedoranews.org/updates/FEDORA-2004-279.shtml
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2004_25_gaim.html
Various Sources vendor-advisory
x_refsource_mandrake
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml
Product x_refsource_confirm
http://gaim.sourceforge.net/security/?id=0
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429
Scores
EPSS
0.0326
EPSS Percentile
87.3%
Details
Status
published
Products (32)
gentoo/linux
1.4
mandrakesoft/mandrake_linux
9.2 (2 CPE variants)
mandrakesoft/mandrake_linux
10.0 (2 CPE variants)
rob_flynn/gaim
0.10
rob_flynn/gaim
0.10.3
rob_flynn/gaim
0.50
rob_flynn/gaim
0.51
rob_flynn/gaim
0.52
rob_flynn/gaim
0.53
rob_flynn/gaim
0.54
... and 22 more
Published
Sep 28, 2004
Tracked Since
Feb 18, 2026