Vulnerability Description
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ekg | Ekg | 1.0 |
| Kde | Kde | 3.2.3 |
| Centericq | Centericq | All versions |
| Kadu | Kadu | All versions |
Related Weaknesses (CWE)
References
- http://lwn.net/Articles/144724/PatchVendor Advisory
- http://marc.info/?l=bugtraq&m=112198499417250&w=2
- http://secunia.com/advisories/16140Vendor Advisory
- http://secunia.com/advisories/16155Vendor Advisory
- http://secunia.com/advisories/16211Vendor Advisory
- http://secunia.com/advisories/16242Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200507-23.xmlPatchVendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
- http://www.kde.org/info/security/advisory-20050721-1.txtPatchVendor Advisory
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.redhat.com/support/errata/RHSA-2005-639.html
- http://www.securityfocus.com/bid/14345Patch
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://lwn.net/Articles/144724/PatchVendor Advisory
- http://marc.info/?l=bugtraq&m=112198499417250&w=2
FAQ
What is CVE-2005-1852?
CVE-2005-1852 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (...
How severe is CVE-2005-1852?
CVE-2005-1852 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1852?
Check the references section above for vendor advisories and patch information. Affected products include: Ekg Ekg, Kde Kde, Centericq Centericq, Kadu Kadu.