MidnightBSD

Advisories for kadu

CVE-2005-1852 HIGH

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189

Products Affected

Vendor Product Version
ekg ekg 1.0_rc2
ekg ekg 1.5_rc2
kde kde 3.4.0
ekg ekg 1.1
ekg ekg 1.3
centericq centericq *
ekg ekg 1.0_rc3
ekg ekg 1.0
ekg ekg 1.1_rc2
kde kde 3.3.2
ekg ekg 1.1_rc1
kde kde 3.3
ekg ekg 1.5
ekg ekg 1.4
ekg ekg 1.5_rc1
kde kde 3.4.1
kde kde 3.3.1
kadu kadu *
kde kde 3.2.3
kde kde 3.4

CVE-2005-3960 HIGH

Kadu 0.4.2 and 0.5.0pre allow remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kadu kadu 0.5_pre
kadu kadu 0.4.2

CVE-2006-0768 MEDIUM

Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kadu kadu 0.4.3

CVE-2012-1410 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
kadu kadu 0.11.0
kadu kadu 0.9.0
kadu kadu 0.10.0