Gadu-gadu Instant Messenger@* Security Vulnerabilities and Issues — Gadu-gadu Instant Messenger@* CVE List

Lucene search

Gadu-gaduGadu-gadu Instant Messenger*

5 matches found

CVE•added 2005/01/10 5:0 a.m.•42 views

CVE-2004-1231

Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via .. (dot dot) sequences in a DCC connection with a CTCP packet that contains a 1 as the type and a 4 as the subtype.

5CVSS7.1AI score0.00229EPSS

CVE•added 2005/01/10 5:0 a.m.•42 views

CVE-2004-1233

Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length.

5CVSS7.2AI score0.00739EPSS

CVE•added 2005/01/10 5:0 a.m.•40 views

CVE-2004-1229

Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410.

7.5CVSS6.2AI score0.01075EPSS

CVE•added 2005/01/10 5:0 a.m.•37 views

CVE-2004-1230

Gadu-Gadu allows remote attackers to gain sensitive information and read files from the _cache directory of other users via a DCC connection and a CTCP packet that contains a 1 as the type and a 4 as the subtype.

5CVSS6.8AI score0.00391EPSS

CVE•added 2005/01/10 5:0 a.m.•35 views

CVE-2004-1232

Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.

10CVSS8.4AI score0.0517EPSS