Detections
Analytics

CVE-2005-1852

critical

Description

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532

http://www.securityfocus.com/bid/14345

http://www.redhat.com/support/errata/RHSA-2005-639.html

http://www.novell.com/linux/security/advisories/2005_19_sr.html

http://www.kde.org/info/security/advisory-20050721-1.txt

http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml

http://security.gentoo.org/glsa/glsa-200507-23.xml

http://secunia.com/advisories/16242

http://secunia.com/advisories/16211

http://secunia.com/advisories/16155

http://secunia.com/advisories/16140

http://marc.info/?l=bugtraq&m=112198499417250&w=2

http://lwn.net/Articles/144724/

Details

Source: Mitre, NVD

Published: 2005-07-26

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical