IDCVSSSummaryLast (major) updatePublished
CVE-2004-1231 5.0
Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via .. (dot dot) sequences in a DCC connection with a CTCP packet that contains a 1 as the type and a 4 as the subtype.
11-07-2017 - 01:30 10-01-2005 - 05:00
CVE-2004-1230 5.0
Gadu-Gadu allows remote attackers to gain sensitive information and read files from the _cache directory of other users via a DCC connection and a CTCP packet that contains a 1 as the type and a 4 as the subtype.
11-07-2017 - 01:30 10-01-2005 - 05:00
CVE-2004-1232 10.0
Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.
11-07-2017 - 01:30 10-01-2005 - 05:00
CVE-2004-1233 5.0
Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length.
11-07-2017 - 01:30 10-01-2005 - 05:00
CVE-2004-1229 7.5
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410.
18-10-2016 - 02:52 10-01-2005 - 05:00
CVE-2004-2530 2.6
Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box.
11-07-2017 - 01:31 31-12-2004 - 05:00
CVE-2007-6409 4.3
The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not properly handle the skin attribute, which allows remote attackers to cause a denial of service (resource consumption) via unspecified network traffic.
15-10-2018 - 21:53 17-12-2007 - 18:46
CVE-2007-6410 4.3
Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service as administrators via an unspecified "crafted link,
15-10-2018 - 21:53 17-12-2007 - 18:46
Back to Top Mark selected
Back to Top