Vulnerability Details : CVE-2005-3891
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2005-3891
Probability of exploitation activity in the next 30 days: 2.15%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-3891
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2005-3891
Products affected by CVE-2005-3891
- cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:7.20:*:*:*:*:*:*:*