Published: 31/12/2004 Updated: 18/10/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and previous versions allows remote malicious users to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gadu-gadu gadu-gadu instant messenger 6.0_build154
gadu-gadu gadu-gadu instant messenger 6.0_build155
gadu-gadu gadu-gadu instant messenger 6.0_build150
gadu-gadu gadu-gadu instant messenger 6.0_build151
gadu-gadu gadu-gadu instant messenger 6.0_build149
gadu-gadu gadu-gadu instant messenger 6.0_build152
gadu-gadu gadu-gadu instant messenger 6.0_build153

source: wwwsecurityfocuscom/bid/11998/info Multiple remote vulnerabilities reportedly affect Gadu-Gadu instant messenger It supports the DCC (Direct Client Connection) protocol, facilitating the transfer of files and messages between users The input validation issue is an HTML injection vulnerability in the instant messaging system It ...

NVD-CWE-Other http://www.securityfocus.com/bid/11998 http://www.osvdb.org/12524 http://secunia.com/advisories/13450 http://marc.info/?l=bugtraq&m=110330741828726&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/25009/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1410

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect