Mandrake Security Advisory MDVSA-2009:127 (gaim) Network Vulnerability

Summary

The remote host is missing an update to gaim announced via advisory MDVSA-2009:127.

Solution

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:127

Insight

It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2008-2927) Affected: Corporate 3.0

Severity

Classification

CVE CVE-2008-2927

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:092 (ntp)
Mandrake Security Advisory MDVSA-2009:069 (curl)
Mandrake Security Advisory MDVSA-2009:017 (kdebase)
Mandrake Security Advisory MDVSA-2009:124-1 (apache)
Mandrake Security Advisory MDVSA-2009:161-1 (squid)

Take action and discover your vulnerabilities