Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gadu-Gadu用户通话窃听漏洞
Vulnerability Description
adu-Gadu是一款即时消息通讯程序。 Gadu-Gadu中存在多个远程漏洞,如下所述: 1 GG允许在用户间发送图形。发送者可以指定文件名,该文件名可以是特定的设备。如果用户将图形命名为"LPT1:",就可以在接收端的lpt1端口写入图形内容;如果将图形命名为"AUX:"并发送两次,第二次发送就可以阻断负责显示、接收和发送消息的线程。 2 GG的图形文件名长度中存在栈溢出。如果图形名称长度处于192到200(含)之间,就可以溢出缓冲区。由于缓冲区的硬写入长度为200字节,因此对文件名做了该限制检查,但
CVSS Information
N/A
Vulnerability Type
N/A