7.5

CVE-2005-1852

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EkgEkg Version1.0
EkgEkg Version1.0_rc2
EkgEkg Version1.0_rc3
EkgEkg Version1.1
EkgEkg Version1.1_rc1
EkgEkg Version1.1_rc2
EkgEkg Version1.3
EkgEkg Version1.4
EkgEkg Version1.5
EkgEkg Version1.5_rc1
EkgEkg Version1.5_rc2
KdeKde Version3.2.3
KdeKde Version3.3
KdeKde Version3.3.1
KdeKde Version3.3.2
KdeKde Version3.4
KdeKde Version3.4.0
KdeKde Version3.4.1
KaduKadu
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.7% 0.906
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.novell.com/linux/security/advisories/2005_19_sr.html
http://marc.info/?l=bugtraq&m=112198499417250&w=2
http://lwn.net/Articles/144724/
Patch
Vendor Advisory
http://secunia.com/advisories/16140
Vendor Advisory
http://secunia.com/advisories/16155
Vendor Advisory
http://secunia.com/advisories/16211
Vendor Advisory
http://secunia.com/advisories/16242
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200507-23.xml
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
http://www.kde.org/info/security/advisory-20050721-1.txt
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-639.html
http://www.securityfocus.com/bid/14345
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532