CVE-2005-1852
Summary
| CVE | CVE-2005-1852 |
|---|---|
| State | PUBLISHED |
| Assigner | debian |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-07-26 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Centericq | Centericq | All | All | All | All |
| Application | Ekg | Ekg | 1.0 | All | All | All |
| Application | Ekg | Ekg | 1.0_rc2 | All | All | All |
| Application | Ekg | Ekg | 1.0_rc3 | All | All | All |
| Application | Ekg | Ekg | 1.1 | All | All | All |
| Application | Ekg | Ekg | 1.1_rc1 | All | All | All |
| Application | Ekg | Ekg | 1.1_rc2 | All | All | All |
| Application | Ekg | Ekg | 1.3 | All | All | All |
| Application | Ekg | Ekg | 1.4 | All | All | All |
| Application | Ekg | Ekg | 1.5 | All | All | All |
| Application | Ekg | Ekg | 1.5_rc1 | All | All | All |
| Application | Ekg | Ekg | 1.5_rc2 | All | All | All |
| Application | Kadu | Kadu | All | All | All | All |
| Operating System | Kde | Kde | 3.2.3 | All | All | All |
| Operating System | Kde | Kde | 3.3 | All | All | All |
| Operating System | Kde | Kde | 3.3.1 | All | All | All |
| Operating System | Kde | Kde | 3.3.2 | All | All | All |
| Operating System | Kde | Kde | 3.4 | All | All | All |
| Operating System | Kde | Kde | 3.4.0 | All | All | All |
| Operating System | Kde | Kde | 3.4.1 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| marc.info | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| Gentoo Linux Documentation -- GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library | af854a3a-2127-422b-91ae-364da2661108 | www.gentoo.org | |
| Secunia - Advisories - Gentoo update for gnugadu/kadu/ekg/libgadu/centericq | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Security Announcement | af854a3a-2127-422b-91ae-364da2661108 | www.novell.com | |
| LWN: Fedora alert FEDORA-2005-624 (kdenetwork) | af854a3a-2127-422b-91ae-364da2661108 | lwn.net | Patch, Vendor Advisory |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| www.kde.org/info/security/advisory-20050721-1.txt | af854a3a-2127-422b-91ae-364da2661108 | www.kde.org | Patch, Vendor Advisory |
| EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Patch |
| Secunia - Advisories - KDE Kopete update for libgadu | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Secunia - Advisories - Gentoo update for kopete | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| rhn.redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | |
| Gentoo Linux Documentation -- Kopete: Vulnerability in included Gadu library | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | Patch, Vendor Advisory |
| Secunia - Advisories - ekg libgadu Integer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.