
CVSS: 7.5 • EPSS: 5% • CPEs: 20 • EXPL: 0

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

• http://lwn.net/Articles/144724
• http://marc.info/?l=bugtraq&m=112198499417250&w=2
• http://secunia.com/advisories/16140
• http://secunia.com/advisories/16155
• http://secunia.com/advisories/16211
• http://secunia.com/advisories/16242
• http://security.gentoo.org/glsa/glsa-200507-23.xml
• http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
• http://www.kde.org/info/security/advisory-20050721-1.txt
• http://www.novell.com/linux/security/advisories/2005_19_sr.html
• CWE-189: Numeric Errors

CVSS: 10.0 • EPSS: 0% • CPEs: 11 • EXPL: 0

Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916.

• http://marc.info/?l=bugtraq&m=112198499417250&w=2
• http://www.debian.org/security/2005/dsa-760

CVSS: 10.0 • EPSS: 0% • CPEs: 11 • EXPL: 0

A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors.

• http://marc.info/?l=bugtraq&m=112198499417250&w=2
• http://www.debian.org/security/2005/dsa-760

CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.

• http://marc.info/?l=bugtraq&m=112060146011122&w=2
• http://marc.info/?l=bugtraq&m=112198499417250&w=2
• http://www.debian.org/security/2005/dsa-760
• http://www.zataz.net/adviso/ekg-06062005.txt
• CWE-59: Improper Link Resolution Before File Access ('Link Following')