cbcvebase.
CVE-2005-3887
published 2005-11-29

CVE-2005-3887: Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image…

PriorityP419medium5.4CVSS 2.0
AVNACHAuNCNINAC
EPSS
1.89%
76.9th percentile
Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (2) write to the LPT1 port via a filename of "LPT1:".

Affected

1 ranges
VendorProductVersion rangeFixed in
gadu-gadugadu-gadu_instant_messenger
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.