Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4776

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4776
Last Modified 30 Oct 2012 11:05:54
Published 28 Oct 2008 03:46:09
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4776

Summary

libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

Vulnerable Systems

Application

  • Wojtek Kaniewsk Libgadu 1.7.0

  • Wojtek Kaniewsk Libgadu 1.7.1

  • Wojtek Kaniewsk Libgadu 1.7.2

  • Wojtek Kaniewsk Libgadu 1.8.0

  • Wojtek Kaniewsk Libgadu 1.8.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=468830

XF - libgadu-contactdescription-bo(46158)

UBUNTU - USN-692-1

BID - 31951

MLIST - [libgadu-devel] 20081024 libgadu 1.8.2

SUSE - SUSE-SR:2008:023

DEBIAN - DSA-1664

Related Patches

Novell SUSE 2010:7245 kdenetwork3 security update for SLE 10 SP3 i586


Last Updated: 27 May 2016 10:49:46