CVE-2005-2103 — CRITICAL (9.8)

Q: How severe is CVE-2005-2103?

CVE-2005-2103 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2005-2103?

Check the references section above for vendor advisories and patch information. Affected products include: Gaim Project Gaim.

Vulnerability Description

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Gaim Project	Gaim	< 1.5.0

Related Weaknesses (CWE)

CWE-131

References

http://gaim.sourceforge.net/security/?id=22Broken Link
http://www.novell.com/linux/security/advisories/2005_19_sr.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-589.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-627.htmlBroken Link
http://www.securityfocus.com/archive/1/426078/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/14531Broken LinkThird Party AdvisoryVDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
https://usn.ubuntu.com/168-1/Broken Link
http://gaim.sourceforge.net/security/?id=22Broken Link
http://www.novell.com/linux/security/advisories/2005_19_sr.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-589.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2005-627.htmlBroken Link
http://www.securityfocus.com/archive/1/426078/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/14531Broken LinkThird Party AdvisoryVDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link

FAQ

What is CVE-2005-2103?

CVE-2005-2103 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a l...

How severe is CVE-2005-2103?

CVE-2005-2103 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2005-2103?

Check the references section above for vendor advisories and patch information. Affected products include: Gaim Project Gaim.