CVE-2007-6411

Name of the Vulnerable Software and Affected Versions Gadu-Gadu version 7.7 Build 3669

Description The issue is related to multiple buffer overflows in the HandleEmotsConfig function in the GG Client. This allows user-assisted remote attackers to execute arbitrary code or cause a denial of service, resulting in the gg.exe process crash. The attack can be triggered via a long string in an emots.txt file.

Recommendations For Gadu-Gadu version 7.7 Build 3669, consider updating to a newer version that addresses this issue, as no specific fix is provided for this build. As a temporary workaround, restrict the use of long strings in emots.txt files to minimize the risk of exploitation.