Vulnerability Details CVE-2005-3888
Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.2%
CVSS Severity
CVSS v2 Score 7.8
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0658.html
- http://marc.info/?l=bugtraq&m=113261573023912&w=2
- http://secunia.com/advisories/17597/
- http://www.osvdb.org/21017
- http://www.osvdb.org/21018
- http://www.securityfocus.com/bid/15520/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23150
- http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0658.html
- http://marc.info/?l=bugtraq&m=113261573023912&w=2
- http://secunia.com/advisories/17597/
- http://www.osvdb.org/21017
- http://www.osvdb.org/21018
- http://www.securityfocus.com/bid/15520/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23150
Products affected by CVE-2005-3888
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:7.20