ID |
CVE-2005-3891
|
Summary |
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.8 (as of 20-07-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
refmap
via4
|
bid | 15520 | bugtraq | 20051121 Gadu-Gadu several vulnerabilities (version <= 7.20) | fulldisc | 20051121 Gadu-Gadu several vulnerabilities (version <= 7.20) | osvdb | 21016 | secunia | 17597 | xf | gadu-gadu-image-name-bo(23149) |
|
Last major update |
20-07-2017 - 01:29 |
Published |
29-11-2005 - 21:03 |
Last modified |
20-07-2017 - 01:29 |