Vulnerabilities > CVE-2004-1411 - Remote Input Validation And Denial Of Service vulnerability in Gadu-Gadu

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

gadu-gadu

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.

Vulnerable Configurations

Part	Description	Count
Application	Gadu-Gadu Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build149 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build150 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build151 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build152 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build153 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build154 Gadu Gadu Gadu Gadu Instant Messenger 6.0_Build155	7

References

http://marc.info/?l=bugtraq&m=110330741828726&w=2
http://www.securityfocus.com/bid/11998
https://exchange.xforce.ibmcloud.com/vulnerabilities/18580