Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3891

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2005-3891
Last Modified 07 Mar 2011 09:27:20
Published 29 Nov 2005 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3891

Summary

Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.

Vulnerable Systems

Application

  • Gadu-gadu Instant Messenger 7.20


References

SECUNIA - 17597

XF - gadu-gadu-image-name-bo(23149)

BID - 15520

BUGTRAQ - 20051121 Gadu-Gadu several vulnerabilities (version <= 7.20)

OSVDB - 21016


Last Updated: 27 May 2016 10:41:06