Description
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- partial
- Integrity
- partial
- Availability
- partial
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- ROB_FLYNN
- Published
- 10/20/2004
- Last Modified
- 4/3/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
rob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaimrob_flynn : gaim
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.