CVE-2002-0377

Name of the Vulnerable Software and Affected Versions Gaim version 0.57

Description The issue allows local users to access sensitive information, including MSN web email accounts of other users, by reading authentication data from files in the /tmp directory. This is possible because Gaim stores sensitive information in world-readable and group-writable files.

Recommendations For Gaim version 0.57, consider restricting access to the /tmp directory or modifying the file permissions to prevent unauthorized access until a patch is available. As a temporary workaround, avoid using Gaim to access MSN web email accounts until the issue is resolved.