Vulnerability Name:

CVE-2005-1269 (CCN-20968)

Assigned:2005-06-09
Published:2005-06-09
Updated:2018-10-19
Summary:Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2005-1269

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2005:1006
Fixes for gaim's vulnerabilities

Source: CCN
Type: Gaim Download Web site
Downloads - Gaim

Source: CONFIRM
Type: UNKNOWN
http://gaim.sourceforge.net/security/?id=18

Source: CCN
Type: Gaim Vulnerability
Remote Yahoo! crash

Source: CCN
Type: RHSA-2005-518
gaim security update

Source: GENTOO
Type: UNKNOWN
GLSA-200506-11

Source: DEBIAN
Type: UNKNOWN
DSA-734

Source: DEBIAN
Type: DSA-734
gaim -- denial of service

Source: CCN
Type: GLSA-200506-11
Gaim: Denial of Service vulnerabilities

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:099

Source: SUSE
Type: UNKNOWN
SUSE-SA:2005:036

Source: REDHAT
Type: UNKNOWN
RHSA-2005:518

Source: FEDORA
Type: UNKNOWN
FLSA:158543

Source: BID
Type: UNKNOWN
13931

Source: CCN
Type: BID-13931
Gaim Yahoo! Protocol Support File Download Denial of Service Vulnerability

Source: CCN
Type: USN-139-1
Gaim vulnerability

Source: XF
Type: UNKNOWN
gaim-non-ascii-filenames-yahoo-dos(20968)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:744

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9544

Source: UBUNTU
Type: UNKNOWN
USN-139-1

Source: SUSE
Type: SUSE-SA:2005:036
sudo: race condition arbitrary code execution

Source: SUSE
Type: SUSE-SR:2005:017
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.76:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.77:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.79:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.80:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.81:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:1.3.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20051269
    V
    		CVE-2005-1269
    2015-11-16
    oval:org.mitre.oval:def:9544
    V
    		Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
    2013-04-29
    oval:org.mitre.oval:def:744
    V
    		Gaim DoS via Yahoo! Message
    2005-09-21
    oval:org.debian:def:734
    V
    		denial of service
    2005-07-05
    oval:com.redhat.rhsa:def:20050518
    P
    		RHSA-2005:518: gaim security update (Moderate)
    2005-06-16
    BACK
    rob_flynn gaim 0.10
    rob_flynn gaim 0.10.3
    rob_flynn gaim 0.50
    rob_flynn gaim 0.51
    rob_flynn gaim 0.52
    rob_flynn gaim 0.53
    rob_flynn gaim 0.54
    rob_flynn gaim 0.55
    rob_flynn gaim 0.56
    rob_flynn gaim 0.57
    rob_flynn gaim 0.58
    rob_flynn gaim 0.59
    rob_flynn gaim 0.59.1
    rob_flynn gaim 0.60
    rob_flynn gaim 0.61
    rob_flynn gaim 0.62
    rob_flynn gaim 0.63
    rob_flynn gaim 0.64
    rob_flynn gaim 0.65
    rob_flynn gaim 0.66
    rob_flynn gaim 0.67
    rob_flynn gaim 0.68
    rob_flynn gaim 0.69
    rob_flynn gaim 0.70
    rob_flynn gaim 0.71
    rob_flynn gaim 0.72
    rob_flynn gaim 0.73
    rob_flynn gaim 0.74
    rob_flynn gaim 0.75
    rob_flynn gaim 0.76
    rob_flynn gaim 0.77
    rob_flynn gaim 0.78
    rob_flynn gaim 0.79
    rob_flynn gaim 0.80
    rob_flynn gaim 0.81
    rob_flynn gaim 0.82
    rob_flynn gaim 0.82.1
    rob_flynn gaim 1.0
    rob_flynn gaim 1.0.0
    rob_flynn gaim 1.0.1
    rob_flynn gaim 1.0.2
    rob_flynn gaim 1.0.3
    rob_flynn gaim 1.1.0
    rob_flynn gaim 1.1.1
    rob_flynn gaim 1.1.2
    rob_flynn gaim 1.1.3
    rob_flynn gaim 1.1.4
    rob_flynn gaim 1.2.0
    rob_flynn gaim 1.2.1
    rob_flynn gaim 1.3.0