<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <glsa id="200508-06"> <title>Gaim: Remote execution of arbitrary code</title> <synopsis> Gaim is vulnerable to a buffer overflow which could lead to the execution of arbitrary code or to a Denial of Service. </synopsis> <product type="ebuild">Gaim</product> <announced>2005-08-15</announced> <revised count="01">2005-08-15</revised> <bug>102000</bug> <access>remote</access> <affected> <package name="net-im/gaim" auto="yes" arch="*"> <unaffected range="ge">1.5.0</unaffected> <vulnerable range="lt">1.5.0</vulnerable> </package> </affected> <background> <p> Gaim is a full featured instant messaging client which handles a variety of instant messaging protocols. </p> </background> <description> <p> Brandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103). Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102). </p> </description> <impact type="high"> <p> A remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service. </p> </impact> <workaround> <p> There is no known workaround at this time. </p> </workaround> <resolution> <p> All Gaim users should upgrade to the latest version: </p> <code> # emerge --sync # emerge --ask --oneshot --verbose ">=net-im/gaim-1.5.0"</code> </resolution> <references> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102">CAN-2005-2102</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103">CAN-2005-2103</uri> </references> <metadata tag="requester" timestamp="2005-08-12T08:01:27Z"> koon </metadata> <metadata tag="submitter" timestamp="2005-08-12T19:16:18Z"> formula7 </metadata> <metadata tag="bugReady" timestamp="2005-08-13T08:53:41Z"> koon </metadata> </glsa>