Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
Max CVSS
7.5
EPSS Score
1.70%
Published
2005-09-02
Updated
2017-07-11
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-08-03
Updated
2008-09-05
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
Max CVSS
7.5
EPSS Score
58.26%
Published
2002-07-03
Updated
2021-07-23
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!