CVE-2004-0784

Опубликовано: 20 окт. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.

Ссылки

http://gaim.sourceforge.net/security/?id=1
Patch
Vendor Advisory
http://www.fedoranews.org/updates/FEDORA-2004-278.shtml
Patch
Vendor Advisory
http://www.fedoranews.org/updates/FEDORA-2004-279.shtml
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-400.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/17144
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008
http://gaim.sourceforge.net/security/?id=1
Patch
Vendor Advisory
http://www.fedoranews.org/updates/FEDORA-2004-278.shtml
Patch
Vendor Advisory
http://www.fedoranews.org/updates/FEDORA-2004-279.shtml
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-400.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/17144
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*

cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01272

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-0784

redhat

около 21 года назад

CVE-2004-0784

debian

почти 21 год назад

The smiley theme functionality in Gaim before 0.82 allows remote attac ...

GHSA-mq6w-7g5x-f5hr

github

больше 3 лет назад

EPSS

Процентиль: 79%

0.01272

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other