Vulnerabilities > CVE-2005-3891 - Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

gadu-gadu

NVD

Published: 2005-11-29

Updated: 2017-07-20

Summary

Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.

Vulnerable Configurations

Part	Description	Count
Application	Gadu-Gadu Gadu Gadu Gadu Gadu Instant Messenger 7.20	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0658.html
http://marc.info/?l=bugtraq&m=113261573023912&w=2
http://secunia.com/advisories/17597/
http://www.osvdb.org/21016
http://www.securityfocus.com/bid/15520/
https://exchange.xforce.ibmcloud.com/vulnerabilities/23149