Rapid7 Vulnerability & Exploit Database

SuSE 9.0 security update for gaim

Back to Search

SuSE 9.0 security update for gaim

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
11/06/2004
Created
07/25/2018
Added
11/06/2004
Modified
11/18/2015

Description

The system is missing one or more SuSE security patches. This security update fixes four security issues which are registered as: CAN-2004-0754 An integer overflow in the groupware message handler exists in Gaim. CAN-2004-0784 A shell escape vulnerability in the handling of smiley theme tarball filenames could lead to arbitrary command execution. CAN-2004-0785 Buffer overflows in Gaim could lead to a denial of service or arbitrary code execution. Additionally a buffer overflow in the parse url code of gaim is fixed. This bug let to remote system compromise with the privileges of the user running gaim.

Solution(s)

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;