Lucene search

PRIOn knowledge basePRION:CVE-2014-3775

HistoryMay 22, 2014 - 11:14 a.m.

Design/Logic Flaw

2014-05-2211:14:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.

CPENameOperatorVersion
libgadueq1.12.0 rc1
libgadule1.11.4
libgadueq1.12.0 rc2
libgadueq1.12.0 rc3

Name	Operator	Version
libgadu	eq	1.12.0 rc1
libgadu	le	1.11.4
libgadu	eq	1.12.0 rc2
libgadu	eq	1.12.0 rc3

References

lists.ziew.org/pipermail/libgadu-devel/2014-May/001171.html

lists.ziew.org/pipermail/libgadu-devel/2014-May/001180.html

secunia.com/advisories/58668

secunia.com/advisories/58870

secunia.com/advisories/58871

www.debian.org/security/2014/dsa-2935

www.openwall.com/lists/oss-security/2014/05/19/3

www.securityfocus.com/bid/67471

www.ubuntu.com/usn/USN-2215-1

www.ubuntu.com/usn/USN-2216-1

bugzilla.redhat.com/show_bug.cgi?id=1099776

security.gentoo.org/glsa/201508-02