Published: 05/05/2003 Updated: 18/10/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and previous versions does not properly validate a message length parameter, which allows remote malicious users to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.

Vulnerable Product Search on Vulmon Subscribe to Product

gaim-encryption gaim-encryption 1.13

gaim-encryption gaim-encryption 1.14

gaim-encryption gaim-encryption 1.15