Bug 49228 - (CVE-2004-0006) VUL-0: CVE-2004-0006: gaim: missed one buffer oveflow
(CVE-2004-0006)
VUL-0: CVE-2004-0006: gaim: missed one buffer oveflow
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
All Linux
: P3 - Medium : Normal
: ---
Assigned To: Thomas Biege
Security Team bot
CVE-2004-0006: CVSS v2 Base Score: 7....
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-01-30 22:46 UTC by Thomas Biege
Modified: 2021-09-30 15:18 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
patchinfo-box.gaim2 (531 bytes, text/plain)
2004-01-30 23:30 UTC, Thomas Biege
Details
patchinfo.gaim2 (380 bytes, text/plain)
2004-01-30 23:31 UTC, Thomas Biege
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Biege 2004-01-30 22:46:54 UTC
Hi Mads. 
Bad news. We have still one bug in our gaim. 
 
Stefan told us, that the util.c:gaim_url_parse is in html.c:parse_url instead.
Comment 1 Thomas Biege 2004-01-30 22:46:54 UTC
<!-- SBZ_reproduce  -->
-
Comment 2 Mads Martin Joergensen 2004-01-30 23:22:05 UTC
Shit, that's why I needed you to go over it too, I was hoping 4 eyes would be
better than 2.

Anyway. Full loop again, with packages, patchinfo etc.?
Comment 3 Thomas Biege 2004-01-30 23:24:19 UTC
Unfortunately yes. 
I will attach the files ASAP. 
Comment 4 Thomas Biege 2004-01-30 23:30:05 UTC
Created attachment 15818 [details]
patchinfo-box.gaim2
Comment 5 Thomas Biege 2004-01-30 23:31:12 UTC
Created attachment 15819 [details]
patchinfo.gaim2
Comment 6 Mads Martin Joergensen 2004-02-02 20:39:47 UTC
Ok, submitted to 80 -> 90, and both patchinfos added.
Comment 7 Thomas Biege 2004-02-02 21:07:15 UTC
Thanks. 
Comment 8 Thomas Biege 2004-02-03 20:57:03 UTC
packages approved 
Comment 9 Marcus Meissner 2008-01-20 22:16:59 UTC
i think part of CVE-2004-0006
Comment 10 Thomas Biege 2009-10-13 20:06:07 UTC
CVE-2004-0006: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)