Gadu-gadu : Security Vulnerabilities, CVEs, CVSS score >= 6
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
Max CVSS
7.8
EPSS Score
2.15%
Published
2005-11-29
Updated
2017-07-20
Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.
Max CVSS
7.8
EPSS Score
2.15%
Published
2005-11-29
Updated
2017-07-20
Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped.
Max CVSS
7.8
EPSS Score
4.69%
Published
2005-11-29
Updated
2017-07-20
Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.
Max CVSS
7.5
EPSS Score
3.41%
Published
2004-09-12
Updated
2017-07-11
Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.
Max CVSS
10.0
EPSS Score
3.79%
Published
2005-01-10
Updated
2017-07-11
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410.
Max CVSS
7.5
EPSS Score
1.24%
Published
2005-01-10
Updated
2016-10-18
6 vulnerabilities found