PT-2005-4633 · Gadu Gadu · Gadu-Gadu

Blazej Miga

Published

2005-11-29

Updated

2017-07-20

CVE-2005-3889

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Gadu-Gadu version 7.20

Description The issue allows remote attackers to cause a denial of service by sending multiple DCC packets with a code of 6 or 7. This triggers a large number of popup windows to the user and creates a large number of threads.

Recommendations For Gadu-Gadu version 7.20, consider disabling the handling of DCC packets with codes 6 or 7 as a temporary workaround until a patch is available. Restrict access to the feature that processes these packets to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3889

Affected Products

Gadu-Gadu

PT-2005-4633 · Gadu Gadu · Gadu-Gadu

CVE-2005-3889

Related Identifiers

Affected Products

References · 7