CVE-2005-2772

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/09/2005
Last modified:
03/04/2025

Description

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:university_of_minnesota:gopher:3.0.9:*:*:*:*:*:*:*