Vulnerabilities > CVE-2004-1410 - Remote Input Validation And Denial Of Service vulnerability in Gadu-Gadu

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

gadu-gadu

exploit available

NVD

Published: 2004-12-31

Updated: 2016-10-18

Summary

Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.

Vulnerable Configurations

Part	Description	Count
Application	Gadu-Gadu Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build149 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build150 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build151 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build152 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build153 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build154 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build155	7

Exploit-Db

description	Gadu-Gadu 6.0 URL Parser Javascript XSS. CVE-2004-1410 . Remote exploit for windows platform
id	EDB-ID:25009
last seen	2016-02-03
modified	2004-12-17
published	2004-12-17
reporter	Jaroslaw Sajko
source	https://www.exploit-db.com/download/25009/
title	Gadu-Gadu 6.0 URL Parser Javascript XSS

Summary

Vulnerable Configurations

Exploit-Db

References