CVE-2004-0007 Information

Description

Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier and Ultramagnetic before 0.81 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000813 http://marc.info/?l=bugtraq&m=107513690306318&w=2 http://marc.info/?l=bugtraq&m=107522432613022&w=2 http://security.e-matters.de/advisories/012004.html http://security.gentoo.org/glsa/glsa-200401-04.xml http://ultramagnetic.sourceforge.net/advisories/001.html http://www.debian.org/security/2004/dsa-434 http://www.kb.cert.org/vuls/id/197142 http://www.mandriva.com/security/advisories?name=MDKSA-2004:006 http://www.osvdb.org/3733 http://www.redhat.com/support/errata/RHSA-2004-032.html http://www.redhat.com/support/errata/RHSA-2004-033.html http://www.securityfocus.com/advisories/6281 http://www.securityfocus.com/bid/9489 http://www.securitytracker.com/id?1008850 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.361158 https://exchange.xforce.ibmcloud.com/vulnerabilities/14946 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A819 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9906