Wojtek Kaniewski reports:
Multiple vulnerabilities have been found in libgadu, a
library for handling the Gadu-Gadu instant messaging
protocol. It is a part of ekg, a Gadu-Gadu client, but is
widely used in other clients. Also some of the
user-contributed scripts were found to behave in an insecure
manner.
- integer overflow in libgadu (CVE-2005-1852) that could
be triggered by an incoming message and lead to
application crash and/or remote code execution
- insecure file creation (CVE-2005-1850) and shell
command injection (CVE-2005-1851) in other
user-contributed scripts (discovered by Marcin Owsiany and
Wojtek Kaniewski)
- several signedness errors in libgadu that could be
triggered by incoming network data or an application
passing invalid user input to the library
- memory alignment errors in libgadu that could be
triggered by an incoming message and lead to bus errors
on architectures like SPARC
- endianness errors in libgadu that could cause invalid
behaviour of applications on big-endian
architectures
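
Added example (not part of the report and not libgadu's code): the length, signedness, alignment and endianness bug classes listed above typically meet in the routine that reads a length-prefixed header from the network. The C code below parses a hypothetical header of two little-endian 32-bit fields in a way that avoids each of them; the wire format, `MAX_PAYLOAD`, `read_le32` and `parse_msg` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical wire format (an assumption, not libgadu's definition):
 * two little-endian 32-bit fields, type and payload length, followed
 * by the payload bytes. */
#define HDR_SIZE    8u
#define MAX_PAYLOAD 65535u      /* assumed application limit */

/* Byte-wise read: places no alignment requirement on p (no bus error
 * on SPARC-like CPUs) and gives the same value on little-endian and
 * big-endian hosts. */
static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Returns 0 and fills type/payload/len on success, -1 if the message
 * is truncated or declares an unacceptable length. */
int parse_msg(const unsigned char *buf, size_t buflen,
              uint32_t *type, const unsigned char **payload, size_t *len)
{
    uint32_t n;

    if (buf == NULL || buflen < HDR_SIZE)
        return -1;

    *type = read_le32(buf);
    n = read_le32(buf + 4);

    /* Unsigned comparison: a length of 0xFFFFFFFF is rejected here,
     * whereas stored in a signed int it would be -1 and pass a
     * "n <= MAX_PAYLOAD" check. */
    if (n > MAX_PAYLOAD)
        return -1;

    /* Compare against the bytes that remain instead of computing
     * HDR_SIZE + n, which can wrap around for large n. */
    if (n > buflen - HDR_SIZE)
        return -1;

    *payload = buf + HDR_SIZE;
    *len = n;
    return 0;
}
```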