Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Related bugs and status

CVE-2004-0500 (Candidate) is related to these bugs:

Bug #7674: Security Flaw in Gaim

Summary				In	Importance	Status
	7674	Security Flaw in Gaim		gaim (Ubuntu)	High	Fix Released
	7674	Security Flaw in Gaim		gaim (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

FEDORA: FEDORA-2004-278
FEDORA: FEDORA-2004-279
GENTOO: GLSA-200408-12
GENTOO: GLSA-200408-27
MANDRAKE: MDKSA-2004:081
REDHAT: RHSA-2004:400
SUSE: SUSE-SA:2004:025
CONFIRM: http://gaim.sourceforg...
BID: 10865
XF: gaim-msn-bo(16920)
OVAL: oval:org.mitre.oval:de...