CVE-2005-1852

CVE	CVE-2005-1852
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-07-26 04:00:00 UTC
Updated	2017-10-11 01:30:00 UTC
Description	Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

Problem Types: CWE-189

Type	Vendor	Product	Version	Update	Edition	Language
Application	Centericq	Centericq	All	All	All	All
Application	Centericq	Centericq	All	All	All	All
Application	Ekg	Ekg	1.0	All	All	All
Application	Ekg	Ekg	1.0_rc2	All	All	All
Application	Ekg	Ekg	1.0_rc3	All	All	All
Application	Ekg	Ekg	1.1	All	All	All
Application	Ekg	Ekg	1.1_rc1	All	All	All
Application	Ekg	Ekg	1.1_rc2	All	All	All
Application	Ekg	Ekg	1.3	All	All	All
Application	Ekg	Ekg	1.4	All	All	All
Application	Ekg	Ekg	1.5	All	All	All
Application	Ekg	Ekg	1.5_rc1	All	All	All
Application	Ekg	Ekg	1.5_rc2	All	All	All
Application	Ekg	Ekg	1.0	All	All	All
Application	Ekg	Ekg	1.0_rc2	All	All	All
Application	Ekg	Ekg	1.0_rc3	All	All	All
Application	Ekg	Ekg	1.1	All	All	All
Application	Ekg	Ekg	1.1_rc1	All	All	All
Application	Ekg	Ekg	1.1_rc2	All	All	All
Application	Ekg	Ekg	1.3	All	All	All
Application	Ekg	Ekg	1.4	All	All	All
Application	Ekg	Ekg	1.5	All	All	All
Application	Ekg	Ekg	1.5_rc1	All	All	All
Application	Ekg	Ekg	1.5_rc2	All	All	All
Application	Kadu	Kadu	All	All	All	All
Application	Kadu	Kadu	All	All	All	All
Operating System	Kde	Kde	3.2.3	All	All	All
Operating System	Kde	Kde	3.3	All	All	All
Operating System	Kde	Kde	3.3.1	All	All	All
Operating System	Kde	Kde	3.3.2	All	All	All
Operating System	Kde	Kde	3.4	All	All	All
Operating System	Kde	Kde	3.4.0	All	All	All
Operating System	Kde	Kde	3.4.1	All	All	All
Operating System	Kde	Kde	3.2.3	All	All	All
Operating System	Kde	Kde	3.3	All	All	All
Operating System	Kde	Kde	3.3.1	All	All	All
Operating System	Kde	Kde	3.3.2	All	All	All
Operating System	Kde	Kde	3.4	All	All	All
Operating System	Kde	Kde	3.4.0	All	All	All
Operating System	Kde	Kde	3.4.1	All	All	All

Reference	Source	Link	Tags
Secunia - Advisories - KDE Kopete update for libgadu	SECUNIA	secunia.com	Vendor Advisory
Secunia - Advisories - Gentoo update for kopete	SECUNIA	secunia.com	Vendor Advisory
Repository / Oval Repository	OVAL	oval.cisecurity.org
LWN: Fedora alert FEDORA-2005-624 (kdenetwork)	FEDORA	lwn.net	Patch, Vendor Advisory
rhn.redhat.com \| Red Hat Support	REDHAT	www.redhat.com
Secunia - Advisories - ekg libgadu Integer Overflow Vulnerability	SECUNIA	secunia.com	Vendor Advisory
Gentoo Linux Documentation -- Kopete: Vulnerability in included Gadu library	GENTOO	security.gentoo.org	Patch, Vendor Advisory
Secunia - Advisories - Gentoo update for gnugadu/kadu/ekg/libgadu/centericq	SECUNIA	secunia.com	Vendor Advisory
Gentoo Linux Documentation -- GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library	GENTOO	www.gentoo.org
EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities	BID	www.securityfocus.com	Patch
Security Announcement	SUSE	www.novell.com
20050721 Multiple vulnerabilities in libgadu and ekg package	BUGTRAQ	marc.info
www.kde.org/info/security/advisory-20050721-1.txt	CONFIRM	www.kde.org	Patch, Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.