PT-2004-2326 · Gadu Gadu · Gadu-Gadu

Blazej Miga

Published

2004-12-31

Updated

2017-07-11

CVE-2004-1411

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Gadu-Gadu versions build 155 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop. This occurs when a message contains an image whose filename does not start with restricted characters.

Recommendations: For Gadu-Gadu versions build 155 and earlier, consider restricting the handling of image files with filenames that do not start with restricted characters to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1411

Affected Products

Gadu-Gadu

PT-2004-2326 · Gadu Gadu · Gadu-Gadu

CVE-2004-1411

Related Identifiers

Affected Products

References · 4