Gaim-encryption : Security Vulnerabilities, CVEs, CVSS score >= 3
Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, possibly involving the GE_received_key function in keys.c.
Max CVSS
5.0
EPSS Score
0.28%
Published
2005-12-31
Updated
2008-09-05
decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.
Max CVSS
5.0
EPSS Score
0.67%
Published
2003-05-05
Updated
2016-10-18
2 vulnerabilities found