Skip to main content

CVE-2005-0966

Severity Medium
Score 6.4/10

Summary

The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published