CVE-2002-0384 - OpenCVE

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Rob Flynn	Gaim

Configuration 1 [-]

OR	cpe:2.3:a:rob_flynn:gaim:0.51:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.52:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.53:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.54:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.55:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.56:::::::*
	cpe:2.3:a:rob_flynn:gaim:0.57:::::::*

References

Link	Resource
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054
http://online.securityfocus.com/advisories/4358
http://www.iss.net/security_center/static/9766.php	Vendor Advisory
http://www.osvdb.org/3729
http://www.redhat.com/support/errata/RHSA-2002-098.html	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-107.html
http://www.redhat.com/support/errata/RHSA-2002-122.html
http://www.redhat.com/support/errata/RHSA-2003-156.html
http://www.securityfocus.com/bid/5406	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2004-08-18T00:00:00

Reserved: 2002-05-22T00:00:00

Link: CVE-2002-0384

JSON object: View

NVD Information

Status : Analyzed

Published: 2002-10-04T04:00:00.000

Modified: 2008-09-10T19:11:54.103

Link: CVE-2002-0384

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-08-05T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-08-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2002:107", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"}, {"name": "HPSBTL0208-057", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://online.securityfocus.com/advisories/4358"}, {"name": "RHSA-2002:122", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"}, {"name": "5406", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5406"}, {"name": "3729", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/3729"}, {"name": "RHSA-2002:098", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"}, {"name": "RHSA-2003:156", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"}, {"name": "MDKSA-2002:054", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"}, {"name": "gaim-jabber-module-bo(9766)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/9766.php"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0384", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2002:107", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"}, {"name": "HPSBTL0208-057", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/4358"}, {"name": "RHSA-2002:122", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"}, {"name": "5406", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5406"}, {"name": "3729", "refsource": "OSVDB", "url": "http://www.osvdb.org/3729"}, {"name": "RHSA-2002:098", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"}, {"name": "RHSA-2003:156", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"}, {"name": "MDKSA-2002:054", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"}, {"name": "gaim-jabber-module-bo(9766)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9766.php"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0384", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-05-22T00:00:00", "dateUpdated": "2004-08-18T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*", "matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*", "matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*", "matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*", "matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*", "matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*", "matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*", "matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el plug-in Jabber en el cliente Gaim anteriores a 0.589 permite a atacantes ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2002-0384", "lastModified": "2008-09-10T19:11:54.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-10-04T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:054"}, {"source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/4358"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/9766.php"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/3729"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-098.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-107.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-122.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-156.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/5406"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}