Vulnerabilities > CVE-2004-1231 - Directory Traversal vulnerability in Gadu-Gadu Instant Messenger

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
gadu-gadu

Summary

Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via .. (dot dot) sequences in a DCC connection with a CTCP packet that contains a 1 as the type and a 4 as the subtype.

Vulnerable Configurations

Part Description Count
Application
Gadu-Gadu
1