KLA10171
Multiple vulnerabilities in Gadu-Gadu

Multiple serious vulnerabilities have been found in Gadu-Gadu. Malicious can use these vulnerabilities to obtain sensitive information or cause denial of service Below is a complete list of vulnerabilities

1. Vectors related to Easycall can be exploited remotely via outgoing calls;
2. A buffer overflow can be exploited remotely via a specially designed image filename;
3. Vectors related to unknown activities can be exploited remotely via a specially designed web page;
4. Vectors related to unknown activities can be exploited remotely via specially designed DCC packets;
5. Improper device name handling can be exploited remotely via a specially designed filename.

Gadu-Gadu version 7.20

Update to latest version