VDB
CVE-2004-0006
CVE-2004-0006
PUBLISHED
CVSS 7.5 HIGH
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
EPSS 18.04% · 95.3th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
18.04%
95.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| rob_flynn | gaim | 0 |
| ultramagnetic | ultramagnetic | 0 |
Timeline
- Jan 29, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- 3732 vdb
- 20040202-01-U vendor-advisory
- 9489 vdb
- DSA-434 vendor-advisory
- 20040201-01-U vendor-advisory
- RHSA-2004:032 vendor-advisory
- SuSE-SA:2004:004 vendor-advisory
- SSA:2004-026 vendor-advisory
- oval:org.mitre.oval:def:818 vdb
- VU#871838 third-party-advisory
- VU#444158 third-party-advisory
- 20040126 Advisory 01/2004: 12 x Gaim remote overflows mailing-list
- VU#297198 third-party-advisory
- gaim-login-value-bo(14941) vdb
- oval:org.mitre.oval:def:10222 vdb
- http://ultramagnetic.sourceforge.net/advisories/001.html url
- GLSA-200401-04 vendor-advisory
- 1008850 vdb
- 20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code mailing-list
- http://security.e-matters.de/advisories/012004.html url
…and 15 more