Vulnerabilities > CVE-2003-0163 - Remote Heap Corruption vulnerability in Gaim-Encryption 1.13/1.14/1.15
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |