CVE-2005-2772

Name of the Vulnerable Software and Affected Versions University of Minnesota gopher client version 3.0.9

Description The issue is related to multiple stack-based buffer overflows. These overflows can be triggered by a remote malicious server through specific actions, including sending a long "+VIEWS:" reply that is not properly handled in the VIfromLine function, and passing certain arguments when launching third-party programs, such as a web browser from a web link, which is not properly handled in the FIOgetargv function.

Recommendations For University of Minnesota gopher client version 3.0.9, consider disabling the VIfromLine and FIOgetargv functions as a temporary workaround until a patch is available. Restrict access to launching third-party programs from web links to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.