49228 – (CVE-2004-0006) VUL-0: CVE-2004-0006: gaim: missed one buffer oveflow

Bug 49228 (CVE-2004-0006) - VUL-0: CVE-2004-0006: gaim: missed one buffer oveflow

Summary: VUL-0: CVE-2004-0006: gaim: missed one buffer oveflow

Attachments
patchinfo-box.gaim2 (531 bytes, text/plain) 2004-01-30 23:30 UTC, Thomas Biege	Details
patchinfo.gaim2 (380 bytes, text/plain) 2004-01-30 23:31 UTC, Thomas Biege	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Biege 2004-01-30 22:46:54 UTC

Hi Mads. 
Bad news. We have still one bug in our gaim. 
 
Stefan told us, that the util.c:gaim_url_parse is in html.c:parse_url instead.

Comment 1 Thomas Biege 2004-01-30 22:46:54 UTC

<!-- SBZ_reproduce  -->
-

Comment 2 Mads Martin Joergensen 2004-01-30 23:22:05 UTC

Shit, that's why I needed you to go over it too, I was hoping 4 eyes would be
better than 2.

Anyway. Full loop again, with packages, patchinfo etc.?

Comment 3 Thomas Biege 2004-01-30 23:24:19 UTC

Unfortunately yes. 
I will attach the files ASAP.

Comment 4 Thomas Biege 2004-01-30 23:30:05 UTC

Created attachment 15818 [details]
patchinfo-box.gaim2

Comment 5 Thomas Biege 2004-01-30 23:31:12 UTC

Created attachment 15819 [details]
patchinfo.gaim2

Comment 6 Mads Martin Joergensen 2004-02-02 20:39:47 UTC

Ok, submitted to 80 -> 90, and both patchinfos added.

Comment 7 Thomas Biege 2004-02-02 21:07:15 UTC

Thanks.

Comment 8 Thomas Biege 2004-02-03 20:57:03 UTC

packages approved

Comment 9 Marcus Meissner 2008-01-20 22:16:59 UTC

i think part of CVE-2004-0006

Comment 10 Thomas Biege 2009-10-13 20:06:07 UTC

CVE-2004-0006: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)