CVE-2005-2103

CVSS 9.8 - CRITICAL
Description

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.

Affected Products
1
Vendor Product Version
gaim_project gaim All versions
References
http://gaim.sourceforge.net/security/?id=22
http://www.novell.com/linux/security/advisories/20...
http://www.redhat.com/support/errata/RHSA-2005-589...
http://www.redhat.com/support/errata/RHSA-2005-627...
http://www.securityfocus.com/archive/1/426078/100/...
http://www.securityfocus.com/bid/14531
https://oval.cisecurity.org/repository/search/defi...
https://usn.ubuntu.com/168-1/
http://gaim.sourceforge.net/security/?id=22
http://www.novell.com/linux/security/advisories/20...
http://www.redhat.com/support/errata/RHSA-2005-589...
http://www.redhat.com/support/errata/RHSA-2005-627...
http://www.securityfocus.com/archive/1/426078/100/...
http://www.securityfocus.com/bid/14531
https://oval.cisecurity.org/repository/search/defi...
https://usn.ubuntu.com/168-1/
Weakness Types
CWE-131 CWE-131
CVE Information
CVE ID:
CVE-2005-2103
Published:
2005-08-16
Modified:
2025-04-03
CVSS Score:
9.8
Severity:
CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Vendors
gaim_project
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL