CVE-2008-4776

Publication date 28 October 2008

Last updated 24 July 2024


Ubuntu priority

libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

Status

Package Ubuntu Release Status
ekg 10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 1:1.7~rc2-2ubuntu0.8.04.1
7.10 gutsy
Fixed 1:1.7~rc2-2ubuntu0.7.10.1
6.06 LTS dapper
Fixed 1:1.6+20051103-1ubuntu1.1
kadu 10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Fixed 0.6.0.2-2ubuntu0.1
8.04 LTS hardy
Fixed 0.6.0-1ubuntu0.1
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Not in release
libgadu 10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Fixed 1:1.8.0+r592-1ubuntu0.1
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-692-1
    • Gadu vulnerability
    • 17 December 2008

Other references