CVE-2005-1852

Sažetak

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

Reference

http://lwn.net/Articles/144724/
http://marc.info/?l=bugtraq&m=112198499417250&w=2
http://secunia.com/advisories/16140
http://secunia.com/advisories/16155
http://secunia.com/advisories/16211
http://secunia.com/advisories/16242
http://security.gentoo.org/glsa/glsa-200507-23.xml
http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
http://www.kde.org/info/security/advisory-20050721-1.txt
http://www.novell.com/linux/security/advisories/2005_19_sr.html
http://www.redhat.com/support/errata/RHSA-2005-639.html
http://www.securityfocus.com/bid/14345
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-10-2017 - 01:30

Objavljeno

26-07-2005 - 04:00