Gadu-gadu Instant Messenger Security Vulnerabilities and Issues — Gadu-gadu Instant Messenger CVE List

Lucene search

Gadu-gaduGadu-gadu Instant Messenger

5 matches found

CVE•added 2005/11/29 9:3 p.m.•47 views

CVE-2005-3892

Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone.

5CVSS6.7AI score0.00463EPSS

CVE•added 2005/11/29 9:3 p.m.•46 views

CVE-2005-3887

Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (2) write to the LPT1 port via a filename of "LPT1:".

5.4CVSS6.7AI score0.01407EPSS

CVE•added 2005/11/29 9:3 p.m.•43 views

CVE-2005-3890

Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.

7.8CVSS6.6AI score0.01602EPSS

CVE•added 2005/11/29 9:3 p.m.•40 views

CVE-2005-3891

Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache" string that is added to the end of the buffer.

7.8CVSS7.1AI score0.01745EPSS

CVE•added 2005/11/29 9:3 p.m.•34 views

CVE-2005-3888

Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped.

7.8CVSS6.9AI score0.01886EPSS