CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Published: Sep 28, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0500
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
rob_flynn / gaim	0.71	0.71.x
rob_flynn / gaim	0.10.3	0.10.3.x
rob_flynn / gaim	0.61	0.61.x
rob_flynn / gaim	0.53	0.53.x
rob_flynn / gaim	0.73	0.73.x
rob_flynn / gaim	0.60	0.60.x
rob_flynn / gaim	0.69	0.69.x
rob_flynn / gaim	0.52	0.52.x
rob_flynn / gaim	0.72	0.72.x
rob_flynn / gaim	0.65	0.65.x
rob_flynn / gaim	0.59	0.59.x
rob_flynn / gaim	0.62	0.62.x
rob_flynn / gaim	0.74	0.74.x
rob_flynn / gaim	0.51	0.51.x
rob_flynn / gaim	0.56	0.56.x
rob_flynn / gaim	0.54	0.54.x
rob_flynn / gaim	0.55	0.55.x
rob_flynn / gaim	0.68	0.68.x
rob_flynn / gaim	0.67	0.67.x
rob_flynn / gaim	0.10	0.10.x
rob_flynn / gaim	0.59.1	0.59.1.x
rob_flynn / gaim	0.70	0.70.x
rob_flynn / gaim	0.50	0.50.x
rob_flynn / gaim	0.66	0.66.x
rob_flynn / gaim	0.63	0.63.x
rob_flynn / gaim	0.64	0.64.x
rob_flynn / gaim	0.58	0.58.x
rob_flynn / gaim	0.75	0.75.x
rob_flynn / gaim	0.57	0.57.x
mandrakesoft / mandrake_linux	9.2	9.2.x
gentoo / linux	1.4	1.4.x
mandrakesoft / mandrake_linux	10.0	10.0.x

Vulnerability Database

289,599

CVE-2004-0500