|
|
CVE Reference: CVE-2005-0966 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0966 |
|
|
Description: The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/19937 http://xforce.iss.net/xforce/xfdb/19939 SUSE http://www.novell.com/linux/security/advisories/2005_36_sudo.html SAID Secunia Advisory: SA14815 REDHAT http://www.redhat.com/support/errata/RHSA-2005-365.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9185 MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2005:071 FEDORA http://www.securityfocus.com/archive/1/archive/1/426078/100/0/threaded CONFIRM http://sourceforge.net/project/shownotes.php?group_id=235&release_id=317750 http://gaim.sourceforge.net/security/index.php?id=14 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111238715307356&w=2 BID 13003 |
|
| Return to the previous page. |
