Lucene search

MitreCVE-2004-1676

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1676

2005-02-2005:00:00

mitre

web.nvd.nist.gov

gadu-gadu

buffer overflow

remote code execution

cve-2004-1676

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.035

Percentile

91.7%

JSON

Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.

Affected configurations

Nvd

Node

gadu-gadugadu-gadu_instant_messengerMatch6.0

gadu-gadugadu-gadu_instant_messengerMatch6.0_build149

VendorProductVersionCPE
gadu-gadugadu-gadu_instant_messenger6.0cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0:*:*:*:*:*:*:*
gadu-gadugadu-gadu_instant_messenger6.0_build149cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build149:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gadu-gadu	gadu-gadu_instant_messenger	6.0	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0:::::::*
gadu-gadu	gadu-gadu_instant_messenger	6.0_build149	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build149:::::::*

References

marc.info/?l=bugtraq&m=109508834910733&w=2

secunia.com/advisories/12510

www.securityfocus.com/bid/11158

exchange.xforce.ibmcloud.com/vulnerabilities/17324

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.035

Percentile

91.7%

JSON

Related for CVE-2004-1676