CVE-2008-4776
Published: 28 October 2008
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ekg Launchpad, Ubuntu, Debian |
dapper |
Released
(1:1.6+20051103-1ubuntu1.1)
|
| gutsy |
Released
(1:1.7~rc2-2ubuntu0.7.10.1)
|
|
| hardy |
Released
(1:1.7~rc2-2ubuntu0.8.04.1)
|
|
| intrepid |
Not vulnerable
(linked against libgadu)
|
|
| jaunty |
Not vulnerable
(linked against libgadu)
|
|
| karmic |
Not vulnerable
(linked against libgadu)
|
|
| lucid |
Not vulnerable
(linked against libgadu)
|
|
| upstream |
Released
(1.8.2)
|
|
|
kadu Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Ignored
(end of life, was needed)
|
|
| hardy |
Released
(0.6.0-1ubuntu0.1)
|
|
| intrepid |
Released
(0.6.0.2-2ubuntu0.1)
|
|
| jaunty |
Not vulnerable
|
|
| karmic |
Not vulnerable
|
|
| lucid |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
libgadu Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Released
(1:1.8.0+r592-1ubuntu0.1)
|
|
| jaunty |
Not vulnerable
|
|
| karmic |
Not vulnerable
|
|
| lucid |
Not vulnerable
|
|
| upstream |
Released
(1:1.8.0+r592-3)
|