CVE-2008-4776
Published: 28 October 2008
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.
Priority
Status
Package | Release | Status |
---|---|---|
ekg Launchpad, Ubuntu, Debian |
dapper |
Released
(1:1.6+20051103-1ubuntu1.1)
|
gutsy |
Released
(1:1.7~rc2-2ubuntu0.7.10.1)
|
|
hardy |
Released
(1:1.7~rc2-2ubuntu0.8.04.1)
|
|
intrepid |
Not vulnerable
(linked against libgadu)
|
|
jaunty |
Not vulnerable
(linked against libgadu)
|
|
karmic |
Not vulnerable
(linked against libgadu)
|
|
lucid |
Not vulnerable
(linked against libgadu)
|
|
upstream |
Released
(1.8.2)
|
|
kadu Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(0.6.0-1ubuntu0.1)
|
|
intrepid |
Released
(0.6.0.2-2ubuntu0.1)
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
upstream |
Needs triage
|
|
libgadu Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Released
(1:1.8.0+r592-1ubuntu0.1)
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
upstream |
Released
(1:1.8.0+r592-3)
|