CVE-2004-2529 - Vulnerability Details - OpenCVE

Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gadu-gadu	Gadu-gadu Instant Messenger

Configuration 1 [-]

OR	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build149:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build150:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build151:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build152:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build153:::::::*
	cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build154:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=110295777306493&w=2
http://secunia.com/advisories/13450
http://www.man.poznan.pl/~security/gg-adv.txt
http://www.osvdb.org/12520
http://www.securityfocus.com/bid/11899
https://exchange.xforce.ibmcloud.com/vulnerabilities/18463

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-10-25T04:00:00

Updated: 2024-08-08T01:29:13.852Z

Reserved: 2005-10-25T00:00:00

Link: CVE-2004-2529

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2004-12-31T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2004-2529

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "Gadu-Gadu allows remote attackers to bypass the \"image send\" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "12520", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/12520"}, {"name": "20041213 Gadu-Gadu several vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2"}, {"name": "gadu-gadu-image-bypass-security(18463)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463"}, {"tags": ["x_refsource_MISC"], "url": "http://www.man.poznan.pl/~security/gg-adv.txt"}, {"name": "13450", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/13450"}, {"name": "11899", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11899"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-2529", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Gadu-Gadu allows remote attackers to bypass the \"image send\" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "12520", "refsource": "OSVDB", "url": "http://www.osvdb.org/12520"}, {"name": "20041213 Gadu-Gadu several vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2"}, {"name": "gadu-gadu-image-bypass-security(18463)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463"}, {"name": "http://www.man.poznan.pl/~security/gg-adv.txt", "refsource": "MISC", "url": "http://www.man.poznan.pl/~security/gg-adv.txt"}, {"name": "13450", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13450"}, {"name": "11899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11899"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:29:13.852Z"}, "title": "CVE Program Container", "references": [{"name": "12520", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/12520"}, {"name": "20041213 Gadu-Gadu several vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2"}, {"name": "gadu-gadu-image-bypass-security(18463)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.man.poznan.pl/~security/gg-adv.txt"}, {"name": "13450", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/13450"}, {"name": "11899", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11899"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-2529", "datePublished": "2005-10-25T04:00:00", "dateReserved": "2005-10-25T00:00:00", "dateUpdated": "2024-08-08T01:29:13.852Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "62C53DCD-9F92-4DBB-860E-9148B0F62696", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build149:*:*:*:*:*:*:*", "matchCriteriaId": "47FF1D1D-473E-41DC-86E9-9DD8D7B969CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build150:*:*:*:*:*:*:*", "matchCriteriaId": "244EC342-310F-4DF2-AEDF-9C02E3DA3AB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build151:*:*:*:*:*:*:*", "matchCriteriaId": "F7961BD7-F28A-4F45-AD85-BE9538B87D74", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build152:*:*:*:*:*:*:*", "matchCriteriaId": "8BDE9E06-3221-4D0F-9198-AF68159BCA66", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build153:*:*:*:*:*:*:*", "matchCriteriaId": "545080CE-9717-481E-978A-1BFB787F722D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build154:*:*:*:*:*:*:*", "matchCriteriaId": "EF1B6F7D-9A0D-40C3-A071-366C80316CE0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Gadu-Gadu allows remote attackers to bypass the \"image send\" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities."}], "id": "CVE-2004-2529", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/13450"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.man.poznan.pl/~security/gg-adv.txt"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/12520"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11899"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=110295777306493&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/13450"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.man.poznan.pl/~security/gg-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/12520"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/11899"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18463"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}