CVE-2005-3887

Loading...

General

Score:5.4/10.0
Severity:Medium
Category:N/A

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:High
Authentication:None

Published on 29/11/05 - Updated on 20/07/17

Description

Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (2) write to the LPT1 port via a filename of "LPT1:".

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-3887

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
gadu-gadugadu-gadu_instant_messenger

Share this vulnerability with:

Twitter Facebook LinkedIn Mail