Vulnerabilities > CVE-2004-1410 - Unspecified vulnerability in Gadu-Gadu Instant Messenger
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN gadu-gadu
exploit available
Summary
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.
Vulnerable Configurations
Exploit-Db
| description | Gadu-Gadu 6.0 URL Parser Javascript XSS. CVE-2004-1410 . Remote exploit for windows platform |
| id | EDB-ID:25009 |
| last seen | 2016-02-03 |
| modified | 2004-12-17 |
| published | 2004-12-17 |
| reporter | Jaroslaw Sajko |
| source | https://www.exploit-db.com/download/25009/ |
| title | Gadu-Gadu 6.0 URL Parser Javascript XSS |
References
- http://marc.info/?l=bugtraq&m=110330741828726&w=2
- http://marc.info/?l=bugtraq&m=110330741828726&w=2
- http://secunia.com/advisories/13450
- http://secunia.com/advisories/13450
- http://www.osvdb.org/12524
- http://www.osvdb.org/12524
- http://www.securityfocus.com/bid/11998
- http://www.securityfocus.com/bid/11998