Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1852

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1852
Last Modified 21 Dec 2010 12:00:00
Published 26 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1852

Summary

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

Vulnerable Systems

Operating System

  • Kde 3.2.3

  • Kde 3.3

  • Kde 3.3.1

  • Kde 3.3.2

  • Kde 3.4

  • Kde 3.4.0

  • Kde 3.4.1

Application

  • Centericq

  • Ekg 1.0

  • Ekg 1.0 Rc2

  • Ekg 1.0 Rc3

  • Ekg 1.1

  • Ekg 1.1 Rc1

  • Ekg 1.1 Rc2

  • Ekg 1.3

  • Ekg 1.4

  • Ekg 1.5

  • Ekg 1.5 Rc1

  • Ekg 1.5 Rc2

  • Kadu


References

BID - 14345

CONFIRM - http://www.kde.org/info/security/advisory-20050721-1.txt

GENTOO - GLSA-200507-23

FEDORA - FEDORA-2005-624

REDHAT - RHSA-2005:639

SUSE - SUSE-SR:2005:019

GENTOO - GLSA-200507-26

SECUNIA - 16242

SECUNIA - 16211

SECUNIA - 16155

SECUNIA - 16140

BUGTRAQ - 20050721 Multiple vulnerabilities in libgadu and ekg package


Last Updated: 27 May 2016 10:40:18