Vulnerabilities > Gadu Gadu > High

DATE CVE VULNERABILITY TITLE RISK
2005-11-29 CVE-2005-3891 Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
network
low complexity
gadu-gadu
7.8
2005-11-29 CVE-2005-3890 Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20
Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.
network
low complexity
gadu-gadu
7.8
2005-11-29 CVE-2005-3889 Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code of 6 or 7, which triggers a large number of popup windows to the user and creates a large number of threads.
network
low complexity
gadu-gadu
7.8
2005-11-29 CVE-2005-3888 Unspecified vulnerability in Gadu-Gadu Instant Messenger 7.20
Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped.
network
low complexity
gadu-gadu
7.8
2005-01-10 CVE-2004-1229 Remote vulnerability in Gadu-Gadu
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410.
network
low complexity
gadu-gadu
7.5
2004-09-12 CVE-2004-1676 Remote Heap Overflow vulnerability in Gadu-Gadu Instant Messenger 6.0/6.0Build149
Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.
network
low complexity
gadu-gadu
7.5