CVE Tools

gadu-gadu

Communicationscommercial

18

Cumulative CVEs

5

Monthly snapshots

#19

Peak rank

Top products

gadu-gadu instant messenger3

Latest CVEs

The 15 most recently published vulnerabilities affecting gadu-gadu.

CVE-2007-6411Multiple buffer overflows in the HandleEmotsConfig function in the GG Client in Gadu-Gadu 7.7 Build 3669 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service ...4.3Dec 17, 2007
CVE-2007-6410Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of servic...4.3Dec 17, 2007
CVE-2007-6409The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not properly handle the skin attribute, which allows remote attackers to cause a denial of service (resour...4.3Dec 17, 2007
CVE-2005-3892Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone.5.0Nov 29, 2005
CVE-2005-3891Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for th...7.8Nov 29, 2005
CVE-2005-3890Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.7.8Nov 29, 2005
CVE-2005-3888Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet bu...7.8Nov 29, 2005
CVE-2005-3887Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (...5.4Nov 29, 2005
CVE-2004-2529Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities.5.0Oct 25, 2005
CVE-2004-1676Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.7.5Feb 20, 2005
CVE-2004-1414Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images.5.0Feb 12, 2005
CVE-2004-1411Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.2.6Feb 12, 2005
CVE-2004-1410Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsi...4.3Feb 12, 2005
CVE-2004-1233Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length.5.0Dec 15, 2004
CVE-2004-1232Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.10.0Dec 15, 2004