VYPR
Vendor

Libgadu

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2013-4488Oct 10, 2014
    risk 0.00cvss epss 0.01

    libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.

  • CVE-2014-3775May 22, 2014
    risk 0.00cvss epss 0.04

    libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.

  • CVE-2008-4776Oct 28, 2008
    risk 0.00cvss epss 0.01

    libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

  • CVE-2005-2448Aug 3, 2005
    risk 0.00cvss epss 0.02

    Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.

  • CVE-2005-2369Jul 26, 2005
    risk 0.00cvss epss 0.03

    Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.

  • CVE-2005-1852Jul 26, 2005
    risk 0.00cvss epss 0.05

    Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.