CVE-2005-1852
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
| Software | From | Fixed in |
|---|---|---|
| ekg / ekg | 1.4 | 1.4.x |
| ekg / ekg | 1.1_rc2 | 1.1_rc2.x |
| ekg / ekg | 1.0_rc3 | 1.0_rc3.x |
| ekg / ekg | 1.5_rc2 | 1.5_rc2.x |
| ekg / ekg | 1.5_rc1 | 1.5_rc1.x |
| ekg / ekg | 1.5 | 1.5.x |
| ekg / ekg | 1.1_rc1 | 1.1_rc1.x |
| ekg / ekg | 1.3 | 1.3.x |
| ekg / ekg | 1.0_rc2 | 1.0_rc2.x |
| ekg / ekg | 1.0 | 1.0.x |
| ekg / ekg | 1.1 | 1.1.x |
| kde / kde | 3.3.2 | 3.3.2.x |
| kde / kde | 3.3.1 | 3.3.1.x |
| kde / kde | 3.4.0 | 3.4.0.x |
| kde / kde | 3.4 | 3.4.x |
| kde / kde | 3.3 | 3.3.x |
| kde / kde | 3.2.3 | 3.2.3.x |
| kde / kde | 3.4.1 | 3.4.1.x |
| centericq / centericq | - | - |
| kadu / kadu | - | - |
- http://lwn.net/Articles/144724/
- http://marc.info/?l=bugtraq&m=112198499417250&w=2
- http://secunia.com/advisories/16140
- http://secunia.com/advisories/16155
- http://secunia.com/advisories/16211
- http://secunia.com/advisories/16242
- http://security.gentoo.org/glsa/glsa-200507-23.xml
- http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
- http://www.kde.org/info/security/advisory-20050721-1.txt
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.redhat.com/support/errata/RHSA-2005-639.html
- http://www.securityfocus.com/bid/14345
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime